GithubMetaAnalyzer ignore repositoryUrl if repositoryPassword is empty

Open ShuP1 opened this issue 2 weeks ago • 0 comments

Current Behavior

GithubMetaAnalyzer still calls github.com even if a proxy URL is set in Administration > Repositories > GitHub

Note: unless a password is set https://github.com/DependencyTrack/dependency-track/blob/4.13.0/src/main/java/org/dependencytrack/tasks/repositories/GithubMetaAnalyzer.java#L124

Steps to Reproduce

In Administration > Repositories > GitHub, replace URL https://github.com with another URL. Do not set password
Let GithubMetaAnalyzer run
It fails because github.com is not reachable

Expected Behavior

Would use URL provided in settings

Dependency-Track Version

4.13.6

Dependency-Track Distribution

Container Image

Database Server

PostgreSQL

Database Server Version

No response

Browser

Mozilla Firefox

Checklist

[x] I have read and understand the contributing guidelines
[x] I have checked the existing issues for whether this defect was already reported

Dec 10 '25 12:12 ShuP1