Avoid duplicates with alias BACKEND #3685
Open
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR introduces a new functionality that addresses the issue of duplicate vulnerabilities by comparing the priority of sources and the aliases attached to a component.
The implementation required adding new database rows to support the changes.
To ensure the correctness of the implementation, tests have been added to validate the behavior of the updated functionality.
In addition, a new API endpoint has been added to get the actual Enabled Sources.
It is important to note that this update specifically affects the addVulnerability function and is not able to delete a vulnerability in any case.
Fronted changes: DependencyTrack/frontend#838
I'm open to discussing any changes or improvements👍🏽
Examples:
Alias Deduplication Disabled
Vulnerability source with highest priority: NVD
Vulnerability source with highest priority: GITHUB
Addressed Issue
This PR fixes #1994 and #2181
Additional Details
Add a new file named ConfigPropertyQueryManager.java to manage functions related to the EnabledSources
Checklist