Enhancement: make Vulnerability objects comparable by fields #463
Labels
enhancement
New feature or request
Comments
This was referenced Jul 20, 2024
SaberStrat
pushed a commit
to SaberStrat/dependency-track
that referenced
this issue
Jul 25, 2024
Use all fields of Vulnerability objects, except for `affects`, for deduplicated. Requires CycloneDX/cyclonedx-core-java#463. Signed-off-by: Kirill.Sybin <kirill.sybin@lex-com.net>
SaberStrat
pushed a commit
to SaberStrat/dependency-track
that referenced
this issue
Aug 7, 2024
Use all fields of Vulnerability objects, except for `affects`, for deduplicated. Requires CycloneDX/cyclonedx-core-java#463. Signed-off-by: Kirill.Sybin <kirill.sybin@lex-com.net>
SaberStrat
pushed a commit
to SaberStrat/dependency-track
that referenced
this issue
Aug 7, 2024
Bump library to use the version containing the required enchangement CycloneDX/cyclonedx-core-java#463 Signed-off-by: Kirill.Sybin <kirill.sybin@lex-com.net>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
One way to fix DependencyTrack/dependency-track#3834 and make
vulnerabilitieselements in BOMs and VEXs unique, is to make Vulnerability objects comparable to one another on a fields basis. To get this, we need customequalsandhashCodemethods.This would be part of the fix to the above issue I'm working on in the PR DependencyTrack/dependency-track#3948.
The text was updated successfully, but these errors were encountered: