DependencyTrack
Coordinates condition parameters
Current Behavior
Currently when we use coordinates condition inside policies, it's needed to fill all fields (group, name, version) otherwise match doesn't work.
Proposed Behavior
Evaluate condition only when conditionValue is not emtpy - e.g. group, name, version in condition contains some value
Checklist
- [x] I have read and understand the contributing guidelines
- [x] I have checked the existing issues for whether this enhancement was already requested
This would mean a breaking change, since you wouldn't be able to exactly match a component without a group anymore. If you want to match anything, just enter *. In general, the fields support regular expressions.
Maybe I don't get your point, but if you would like to match an empty group then you put something like this ^$ to group.
My concern is that you have to enter each field even when you don't want to check it.
From UX perspective it either should contain warning in UI that all fields should be entered or that there is actually match for empty string. It took me some time until I realised that I have to enter some values everywhere.
From UX perspective it either should contain warning in UI that all fields should be entered or that there is actually match for empty string. It took me some time until I realized that I have to enter some values everywhere.
To add, using the SPA UI; Components page allows to search over Group / Name / Version and doesn't behave as Policy editor should at least from stohrendorf description: all field seems to match anything by default if one the three is not empty.
