Skip to content

Add CSAF documents as a vulnerability source #1099

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

Add CSAF documents as a vulnerability source #1099

wants to merge 2 commits into from

Conversation

lawid
Copy link

@lawid lawid commented Mar 18, 2025
edited
Loading

Description

Adds a new source of vulnerabilities to enhance matching capabilities of DependencyTrack. This PR enables the Api-Server to manage configured CSAF sources and handle its contents (when mirrored by the mirror-service).

Addressed Issue

This PR is part of #2353 to allow DependencyTrack to handle CSAF documents.

Additional Details

  • Testcontainer Postgres

Checklist

  • Set since tags in javadoc for api endpoints

  • Add changelog-csaf.xml into versioned changelog

  • I have read and understand the contributing guidelines

  • This PR fixes a defect, and I have provided tests to verify that the fix is effective

  • This PR implements an enhancement, and I have provided tests to verify that it works as intended

  • This PR introduces changes to the database model, and I have updated the migration changelog accordingly

  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@lawid