dependency-track icon indicating copy to clipboard operation
dependency-track copied to clipboard
verified publisher icon DependencyTrack

In NewVulnerabilityIdentified - affectedProjects should contains only active projects

Open tsimas opened this issue 1 year ago • 2 comments

Current Behavior

When Notification created with group=NotificationGroup.NEW_VULNERABILITY and subjct=NewVulnerabilityIdentified(...), NewVulnerabilityIdentified.affectedProjects contains all affected projects. It causes performance issue at bumupload when affected projects number is high.

Sample: affectedProjects size: 6589 ( active:713, not active: 5876, there is no OSSINDEX https call retry)

Logs: January 29th 2024, 16:12:01.581 dependency-track-apiserver 2024-01-29 15:12:01,581 DEBUG [VulnerabilityAnalysisTask] Time taken by perform analysis task by OSSINDEX_ANALYZER : 1829164 milliseconds

Detailed logs: Line 3592: 2024-02-04 10:52:14,541 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:52:14.533586129Z, notificationSubjects={component=Component[uuid=1e27e Line 3696: 2024-02-04 10:52:16,721 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:52:16.712466061Z, notificationSubjects={component=Component[uuid=1e27e Line 4463: 2024-02-04 10:52:26,041 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:52:26.032518148Z, notificationSubjects={component=Component[uuid=a0bd8 Line 4675: 2024-02-04 10:52:28,394 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:52:28.386201236Z, notificationSubjects={component=Component[uuid=a0bd8 Line 5042: 2024-02-04 10:52:33,586 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:52:33.57768311Z, notificationSubjects={component=Component[uuid=aaede1 Line 5046: 2024-02-04 10:52:39,162 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:52:39.153577872Z, notificationSubjects={component=Component[uuid=71d2b Line 5049: 2024-02-04 10:52:40,686 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:52:40.672494837Z, notificationSubjects={component=Component[uuid=71d2b Line 5075: 2024-02-04 10:54:19,965 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:54:19.943901078Z, notificationSubjects={component=Component[uuid=ae463 Line 8752: 2024-02-04 10:54:47,337 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:54:47.31560876Z, notificationSubjects={component=Component[uuid=ae4638 Line 12928: 2024-02-04 10:55:18,702 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:55:18.676985281Z, notificationSubjects={component=Component[uuid=ae463 Line 17829: 2024-02-04 10:55:46,370 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:55:46.340444814Z, notificationSubjects={component=Component[uuid=ae463 Line 18087: 2024-02-04 10:56:44,843 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:56:44.822854931Z, notificationSubjects={component=Component[uuid=56e0a Line 18093: 2024-02-04 10:56:59,639 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:56:59.619506251Z, notificationSubjects={component=Component[uuid=56e0a Line 18097: 2024-02-04 10:57:05,818 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:57:05.80778777Z, notificationSubjects={component=Component[uuid=675e5b Line 18106: 2024-02-04 10:57:35,926 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:57:35.907733648Z, notificationSubjects={component=Component[uuid=72b59 Line 18111: 2024-02-04 10:57:47,170 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:57:47.156674949Z, notificationSubjects={component=Component[uuid=9a27e Line 18125: 2024-02-04 10:58:39,420 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:58:39.401897427Z, notificationSubjects={component=Component[uuid=3beb4 Line 18131: 2024-02-04 10:58:55,064 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:58:55.04621805Z, notificationSubjects={component=Component[uuid=3beb40 Line 18137: 2024-02-04 10:59:08,812 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:59:08.801304896Z, notificationSubjects={component=Component[uuid=d01ec Line 18140: 2024-02-04 10:59:12,370 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:59:12.358492652Z, notificationSubjects={component=Component[uuid=d01ec Line 18144: 2024-02-04 10:59:16,036 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:59:16.025571011Z, notificationSubjects={component=Component[uuid=d01ec Line 18148: 2024-02-04 10:59:19,799 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:59:19.786611173Z, notificationSubjects={component=Component[uuid=d01ec Line 18152: 2024-02-04 10:59:26,862 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T10:59:26.848112359Z, notificationSubjects={component=Component[uuid=d6689 Line 18183: 2024-02-04 11:01:33,123 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:01:33.095824025Z, notificationSubjects={component=Component[uuid=1a257 Line 18192: 2024-02-04 11:02:03,840 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:02:03.808701703Z, notificationSubjects={component=Component[uuid=1a257 Line 18211: 2024-02-04 11:03:27,608 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:03:27.584054405Z, notificationSubjects={component=Component[uuid=ac0c7 Line 18224: 2024-02-04 11:04:14,612 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:04:14.594642238Z, notificationSubjects={component=Component[uuid=7e3df Line 18231: 2024-02-04 11:04:36,812 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:04:36.800210103Z, notificationSubjects={component=Component[uuid=7aaa0 Line 18239: 2024-02-04 11:05:00,056 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:05:00.040016496Z, notificationSubjects={component=Component[uuid=127e8 Line 18243: 2024-02-04 11:05:06,434 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:05:06.419410805Z, notificationSubjects={component=Component[uuid=127e8 Line 18251: 2024-02-04 11:05:32,641 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:05:32.626314057Z, notificationSubjects={component=Component[uuid=0d943 Line 18265: 2024-02-04 11:06:27,121 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:06:27.103966414Z, notificationSubjects={component=Component[uuid=d116b Line 18270: 2024-02-04 11:06:34,360 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:06:34.349877138Z, notificationSubjects={component=Component[uuid=19df7 Line 18273: 2024-02-04 11:06:36,221 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:06:36.208945074Z, notificationSubjects={component=Component[uuid=19df7 Line 18277: 2024-02-04 11:06:38,007 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:06:37.996958532Z, notificationSubjects={component=Component[uuid=19df7 Line 18280: 2024-02-04 11:06:39,854 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:06:39.843774773Z, notificationSubjects={component=Component[uuid=19df7 Line 18283: 2024-02-04 11:06:41,818 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:06:41.805172033Z, notificationSubjects={component=Component[uuid=19df7 Line 18287: 2024-02-04 11:06:43,922 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:06:43.909700467Z, notificationSubjects={component=Component[uuid=19df7 Line 18290: 2024-02-04 11:06:45,909 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:06:45.897926469Z, notificationSubjects={component=Component[uuid=19df7 Line 18318: 2024-02-04 11:08:52,652 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:08:52.623465861Z, notificationSubjects={component=Component[uuid=fd781 Line 18328: 2024-02-04 11:09:23,652 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:09:23.623007982Z, notificationSubjects={component=Component[uuid=fd781 Line 18337: 2024-02-04 11:09:53,673 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:09:53.62450306Z, notificationSubjects={component=Component[uuid=fd781e Line 18342: 2024-02-04 11:10:03,456 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:03.438857638Z, notificationSubjects={component=Component[uuid=e83ac Line 18345: 2024-02-04 11:10:05,894 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:05.882157855Z, notificationSubjects={component=Component[uuid=e83ac Line 18349: 2024-02-04 11:10:08,881 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:08.865939696Z, notificationSubjects={component=Component[uuid=e83ac Line 18355: 2024-02-04 11:10:24,040 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:24.005977905Z, notificationSubjects={component=Component[uuid=1f108 Line 18359: 2024-02-04 11:10:30,505 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:30.494698739Z, notificationSubjects={component=Component[uuid=18947 Line 18362: 2024-02-04 11:10:32,211 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:32.199463805Z, notificationSubjects={component=Component[uuid=18947 Line 18366: 2024-02-04 11:10:34,231 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:34.194029345Z, notificationSubjects={component=Component[uuid=18947 Line 18369: 2024-02-04 11:10:36,345 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:36.32561057Z, notificationSubjects={component=Component[uuid=18947a Line 18375: 2024-02-04 11:10:38,174 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:10:38.163758771Z, notificationSubjects={component=Component[uuid=18947 Line 18389: 2024-02-04 11:11:36,708 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:11:36.688595686Z, notificationSubjects={component=Component[uuid=f2cc8 Line 18395: 2024-02-04 11:11:52,333 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:11:52.316313002Z, notificationSubjects={component=Component[uuid=f2cc8 Line 18408: 2024-02-04 11:12:42,807 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:12:42.790317757Z, notificationSubjects={component=Component[uuid=95090 Line 18414: 2024-02-04 11:12:56,472 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:12:56.454842429Z, notificationSubjects={component=Component[uuid=95090 Line 18420: 2024-02-04 11:13:09,237 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:13:09.220380222Z, notificationSubjects={component=Component[uuid=95090 Line 18426: 2024-02-04 11:13:18,606 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:13:18.595064214Z, notificationSubjects={component=Component[uuid=a6c4c Line 18429: 2024-02-04 11:13:21,033 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:13:21.021810565Z, notificationSubjects={component=Component[uuid=a6c4c Line 18433: 2024-02-04 11:13:23,472 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:13:23.459965663Z, notificationSubjects={component=Component[uuid=a6c4c Line 18436: 2024-02-04 11:13:26,066 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:13:26.055228859Z, notificationSubjects={component=Component[uuid=5f16c Line 18440: 2024-02-04 11:13:28,541 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:13:28.52950074Z, notificationSubjects={component=Component[uuid=5f16c8 Line 18443: 2024-02-04 11:13:30,927 DEBUG [NotificationRouter] Matched 0 notification rules (PublishContext{notificationGroup=NEW_VULNERABILITY, notificationLevel=INFORMATIONAL, notificationScope=PORTFOLIO, notificationTimestamp=2024-02-04T11:13:30.914433924Z, notificationSubjects={component=Component[uuid=0002f

Proposed Behavior

matchIdentity query should contains only active projects. In that case, if company doesn't want to delete reports what are relating to releases (from policy reason), but periodically deactive projects what are not relevant when ci/cd pipeline calls the bomupload the request time will acceptable.

Checklist

tsimas avatar Feb 08 '24 12:02 tsimas

Note: When implementing this, also improve how the data is being loaded in the first place. The current logic is doing too much work in-memory, almost all of it could be summarized to a single SQL / JDOQL query.

https://github.com/DependencyTrack/dependency-track/blob/f5a2092e35bbccdb4fed84f6bacc45ca8e2ea252/src/main/java/org/dependencytrack/util/NotificationUtil.java#L86-L92

nscuro avatar Feb 08 '24 12:02 nscuro

Additional note: This was also discovered in Hyades. We ended up limiting the affectedProjects array to only contain the scanned project, but also include URIs that can be used to acquire the full list. Reason being that the number of affected projects is unlimited, fetching and serializing them all at once, during event processing, doesn't scale well.

https://github.com/DependencyTrack/hyades/issues/467

nscuro avatar Feb 09 '24 16:02 nscuro