Skip to content

Implement user-managed vuln policies #1975

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
nscuro merged 1 commit into from
Apr 16, 2026

Implement user-managed vuln policies

8ab53c3
Select commit
Loading
Failed to load commit list.
Merged

Implement user-managed vuln policies #1975

Implement user-managed vuln policies
8ab53c3
Select commit
Loading
Failed to load commit list.
Codacy Production / Codacy Static Code Analysis succeeded Apr 16, 2026 in 0s

Your pull request is up to standards!

Codacy found no issues in your code

Annotations

Check notice on line 368 in apiserver/src/main/java/org/dependencytrack/persistence/jdbi/VulnerabilityPolicyDao.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/main/java/org/dependencytrack/persistence/jdbi/VulnerabilityPolicyDao.java#L368 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check warning on line 248 in apiserver/src/main/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivity.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/main/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivity.java#L248 

The method 'parseAndValidatePolicies(BundleFile)' has an NPath complexity of 778, current threshold is 200

Check warning on line 336 in apiserver/src/main/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivity.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/main/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivity.java#L336 

The method 'reconcilePolicies(VulnerabilityPolicyDao, long, List)' has an NPath complexity of 240, current threshold is 200

Check warning on line 460 in apiserver/src/main/java/org/dependencytrack/resources/v2/VulnPoliciesResource.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/main/java/org/dependencytrack/resources/v2/VulnPoliciesResource.java#L460 

Avoid long parameter lists.

Check warning on line 487 in apiserver/src/main/java/org/dependencytrack/resources/v2/VulnPoliciesResource.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/main/java/org/dependencytrack/resources/v2/VulnPoliciesResource.java#L487 

The method 'convert(VulnPolicyDetailRow)' has an NPath complexity of 320, current threshold is 200

Check warning on line 393 in apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java#L393 

JUnit tests should include assert() or fail()

Check warning on line 415 in apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java#L415 

JUnit tests should include assert() or fail()

Check warning on line 436 in apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java#L436 

JUnit tests should include assert() or fail()

Check notice on line 484 in apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java#L484 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 495 in apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java#L495 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.

Check notice on line 506 in apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java

See this annotation in the file changed.

@codacy-production codacy-production / Codacy Static Code Analysis

apiserver/src/test/java/org/dependencytrack/policy/vulnerability/SyncVulnPolicyBundleActivityTest.java#L506 

Fields should be declared at the top of the class, before any method declarations, constructors, initializers or inner classes.
View more details on Codacy Production