Niklas
Niklas
Working on my changes here: https://github.com/MM-msr/dependency-track/pull/3
Admittedly I struggled with finding the time to complete this but it's finally done, you can find the final result, including a high-level description of how this PR evolved here:...
Superseded by #4783
The retry behavior is configured here: https://github.com/DependencyTrack/dependency-track/blob/76eaad1ac6f8b5dbb5d55a0439b57512a5de5802/src/main/java/org/dependencytrack/tasks/scanners/OssIndexAnalysisTask.java#L102-L113 Note `withTransientErrorCode` which checks if the response code is any of the following: https://github.com/DependencyTrack/dependency-track/blob/76eaad1ac6f8b5dbb5d55a0439b57512a5de5802/src/main/java/org/dependencytrack/util/RetryUtil.java#L54-L59 and `withTransientCause`, which checks if the thrown exception is...
Thanks for clarifying! I misunderstood the original post. You are absolutely correct in your observation.
Hmmm, that's a very good point. There were some discussions around supporting multiple sources of health metrics. Already a complex undertaking, but it will be more complex if those sources...
Can you elaborate a bit on the background of this issue? I can't quite follow how release notes play into this.
The issue seems to be that *BOM Processing V2* populates the `purl` field of a project during BOM import, based on `metadata.component.purl` in the BOM. Which is something that should...
Are you using project cloning by chance? This bug was fixed in 4.11: #3464
@Sp33dy42 Cloning happens either via `/api/v1/project/clone` REST API endpoint, or when using the *Add Version* functionality in the frontend. DT versions prior to v4.11 had a bug where the attribution...