
Error Process BOM since 4.9.1 Update

Open BlythMeister opened this issue 2 years ago • 3 comments

Current Behavior

Each BOM fails sending email

--------------------------------------------------------------------------------

Cause:
Iteration request failed : SELECT 'org.dependencytrack.model.ViolationAnalysisComment' AS DN_TYPE,A0.COMMENT,A0.COMMENTER,A0.ID,A0."TIMESTAMP" AS NUCORDER0,B0."STATE",B0.COMPONENT_ID,B0.ID,A0.VIOLATIONANALYSIS_ID FROM VIOLATIONANALYSISCOMMENT A0 INNER JOIN VIOLATIONANALYSIS B0 ON A0.VIOLATIONANALYSIS_ID = B0.ID WHERE EXISTS (SELECT 'org.dependencytrack.model.ViolationAnalysis' AS DN_TYPE,A0_SUB.ID AS DN_APPID FROM VIOLATIONANALYSIS A0_SUB WHERE A0_SUB.COMPONENT_ID = ? AND A0.VIOLATIONANALYSIS_ID = A0_SUB.ID) ORDER BY NUCORDER0

--------------------------------------------------------------------------------

An error occurred while processing a BOM

--------------------------------------------------------------------------------

Steps to Reproduce

1. Upgraded to 4.9.1
2. Upload BOM

Expected Behavior

BOM to process

Dependency-Track Version

4.9.1

Dependency-Track Distribution

Container Image

Database Server

Microsoft SQL Server

Database Server Version

No response

Browser

Google Chrome

Checklist

BlythMeister, Nov 15 '23 11:11

Did you observe more detailed stack traces for this in the logs? Any more info you can share about your setup?

I am reworking the BOM processing in https://github.com/DependencyTrack/dependency-track/pull/3357 and would love to verify that this issue is fixed, but I am unable to reproduce it so far.

nscuro, Jan 10 '24 18:01

I didn't. But I think the issue occurred if you have a policy violation which has a comment and status and you upload a new BOM with the same policy violation.

BlythMeister, Jan 10 '24 19:01

Hmmm, I'm thinking this might've been fixed in 4.10.0 already, at least it's a similar problem: https://github.com/DependencyTrack/dependency-track/pull/3228

Will try reproducing to verify.

nscuro, Jan 10 '24 19:01