Add project direct_dependencies in components API

sahibamittal · sahibamittal · commit 7471c9f8712e · 2026-03-20T17:02:12.000Z
diff --git a/api/src/main/openapi/components/schemas/component-project.yaml b/api/src/main/openapi/components/schemas/component-project.yaml
@@ -24,4 +24,6 @@ properties:
     maxLength: 255
   uuid:
     type: string
-    format: uuid
+    format: uuid
+  direct_dependencies:
+    type: string
diff --git a/apiserver/src/main/java/org/dependencytrack/persistence/jdbi/ComponentDao.java b/apiserver/src/main/java/org/dependencytrack/persistence/jdbi/ComponentDao.java
@@ -283,7 +283,8 @@ default Page<Component> listComponents(
                         "L"."NAME" AS "licenseName",
                         "PROJECT"."NAME" AS "projectName",
                         "PROJECT"."UUID" AS "projectUuid",
-                        "PROJECT"."VERSION" AS "projectVersion"
+                        "PROJECT"."VERSION" AS "projectVersion",
+                        "PROJECT"."DIRECT_DEPENDENCIES" AS "projectDirectDependencies"
                 FROM "COMPONENT" "C"
                 INNER JOIN "PROJECT" ON "C"."PROJECT_ID" = "PROJECT"."ID"
                 LEFT OUTER JOIN "LICENSE" "L" ON "C"."LICENSE_ID" = "L"."ID"
@@ -346,6 +347,7 @@ public Component map(final ResultSet rs, final StatementContext ctx) throws SQLE
                 project.setUuid(UUID.fromString(rs.getString("projectUuid")));
                 maybeSet(rs, "projectName", ResultSet::getString, project::setName);
                 maybeSet(rs, "projectVersion", ResultSet::getString, project::setVersion);
+                maybeSet(rs, "projectDirectDependencies", ResultSet::getString, project::setDirectDependencies);
                 component.setProject(project);
             }
             maybeSet(rs, "componentPurl", ResultSet::getString, component::setPurl);
diff --git a/apiserver/src/main/java/org/dependencytrack/resources/v2/ComponentsResource.java b/apiserver/src/main/java/org/dependencytrack/resources/v2/ComponentsResource.java
@@ -77,7 +77,7 @@ public class ComponentsResource extends AbstractApiResource implements Component
     public Response createComponent(final CreateComponentRequest request) {
         final UUID projectUuid = request.getProjectUuid();
         try (QueryManager qm = new QueryManager()) {
-            final Component componentCreated = qm.callInTransaction(() -> {
+            qm.callInTransaction(() -> {
                 final Project project = qm.getObjectByUuid(Project.class, projectUuid);
                 if (project == null) {
                     throw new NotFoundException();
diff --git a/apiserver/src/main/java/org/dependencytrack/resources/v2/mapping/ModelMapper.java b/apiserver/src/main/java/org/dependencytrack/resources/v2/mapping/ModelMapper.java
@@ -62,6 +62,7 @@ public static ComponentProject mapProject(org.dependencytrack.model.Project proj
                 .name(project.getName())
                 .version(project.getVersion())
                 .uuid(project.getUuid())
+                .directDependencies(project.getDirectDependencies())
                 .build();
     }
 
diff --git a/apiserver/src/test/java/org/dependencytrack/resources/v2/ComponentsResourceTest.java b/apiserver/src/test/java/org/dependencytrack/resources/v2/ComponentsResourceTest.java
@@ -26,6 +26,7 @@
 import org.dependencytrack.ResourceTest;
 import org.dependencytrack.auth.Permissions;
 import org.dependencytrack.model.Component;
+import org.dependencytrack.model.ComponentIdentity;
 import org.dependencytrack.model.Project;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.RegisterExtension;
@@ -163,7 +164,8 @@ public void listComponentsByIdentityPaginationTest() {
                         "project": {
                             "name": "projectA",
                             "version": "1.0",
-                            "uuid": "${json-unit.any-string}"
+                            "uuid": "${json-unit.any-string}",
+                            "direct_dependencies": "${json-unit.any-string}"
                         }
                       },
                       {
@@ -352,7 +354,8 @@ public void listComponentsByIdentityWithProjectTest() {
                         "project": {
                             "name": "projectA",
                             "version": "1.0",
-                            "uuid": "${json-unit.any-string}"
+                            "uuid": "${json-unit.any-string}",
+                            "direct_dependencies": "${json-unit.any-string}"
                         }
                       }
                   ]
@@ -399,7 +402,8 @@ public void listComponentsByIdentityAclTest() {
                         "project": {
                             "name": "projectA",
                             "version": "1.0",
-                            "uuid": "${json-unit.any-string}"
+                            "uuid": "${json-unit.any-string}",
+                            "direct_dependencies": "${json-unit.any-string}"
                         }
                       }
                   ]
@@ -418,6 +422,7 @@ private void prepareComponents() {
         componentA.setCpe("cpe:2.3:a:groupA:nameA:versionA:*:*:*:*:*:*:*");
         componentA.setPurl("pkg:maven/groupA/nameA@versionA?foo=bar");
         qm.createComponent(componentA, false);
+        projectA.setDirectDependencies("[%s]".formatted(new ComponentIdentity(componentA).toJSON()));
 
         final Project projectB = qm.createProject("projectB", null, "1.0", null, null, null, null, false);
         var componentB = new Component();

Original file line number	Diff line number	Diff line change
`@@ -62,6 +62,7 @@ public static ComponentProject mapProject(org.dependencytrack.model.Project proj`
`62`	`62`	`.name(project.getName())`
`63`	`63`	`.version(project.getVersion())`
`64`	`64`	`.uuid(project.getUuid())`
	`65`	`+ .directDependencies(project.getDirectDependencies())`
`65`	`66`	`.build();`
`66`	`67`	`}`
`67`	`68`
Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,7 @@`
`26`	`26`	`import org.dependencytrack.ResourceTest;`
`27`	`27`	`import org.dependencytrack.auth.Permissions;`
`28`	`28`	`import org.dependencytrack.model.Component;`
	`29`	`+import org.dependencytrack.model.ComponentIdentity;`
`29`	`30`	`import org.dependencytrack.model.Project;`
`30`	`31`	`import org.junit.jupiter.api.Test;`
`31`	`32`	`import org.junit.jupiter.api.extension.RegisterExtension;`
`@@ -163,7 +164,8 @@ public void listComponentsByIdentityPaginationTest() {`
`163`	`164`	`"project": {`
`164`	`165`	`"name": "projectA",`
`165`	`166`	`"version": "1.0",`
`166`		`- "uuid": "${json-unit.any-string}"`
	`167`	`+ "uuid": "${json-unit.any-string}",`
	`168`	`+ "direct_dependencies": "${json-unit.any-string}"`
`167`	`169`	`}`
`168`	`170`	`},`
`169`	`171`	`{`
`@@ -352,7 +354,8 @@ public void listComponentsByIdentityWithProjectTest() {`
`352`	`354`	`"project": {`
`353`	`355`	`"name": "projectA",`
`354`	`356`	`"version": "1.0",`
`355`		`- "uuid": "${json-unit.any-string}"`
	`357`	`+ "uuid": "${json-unit.any-string}",`
	`358`	`+ "direct_dependencies": "${json-unit.any-string}"`
`356`	`359`	`}`
`357`	`360`	`}`
`358`	`361`	`]`
`@@ -399,7 +402,8 @@ public void listComponentsByIdentityAclTest() {`
`399`	`402`	`"project": {`
`400`	`403`	`"name": "projectA",`
`401`	`404`	`"version": "1.0",`
`402`		`- "uuid": "${json-unit.any-string}"`
	`405`	`+ "uuid": "${json-unit.any-string}",`
	`406`	`+ "direct_dependencies": "${json-unit.any-string}"`
`403`	`407`	`}`
`404`	`408`	`}`
`405`	`409`	`]`
`@@ -418,6 +422,7 @@ private void prepareComponents() {`
`418`	`422`	`componentA.setCpe("cpe:2.3:a:groupA:nameA:versionA:::::::*");`
`419`	`423`	`componentA.setPurl("pkg:maven/groupA/nameA@versionA?foo=bar");`
`420`	`424`	`qm.createComponent(componentA, false);`
	`425`	`+ projectA.setDirectDependencies("[%s]".formatted(new ComponentIdentity(componentA).toJSON()));`
`421`	`426`
`422`	`427`	`final Project projectB = qm.createProject("projectB", null, "1.0", null, null, null, null, false);`
`423`	`428`	`var componentB = new Component();`