Skip to content

Make CPE matching case-insensitive#5280

Merged
nscuro merged 1 commit intoDependencyTrack:masterfrom
stohrendorf:cpe-case-insensitive
Sep 8, 2025
Merged

Make CPE matching case-insensitive#5280
nscuro merged 1 commit intoDependencyTrack:masterfrom
stohrendorf:cpe-case-insensitive

Conversation

@stohrendorf
Copy link
Copy Markdown
Contributor

@stohrendorf stohrendorf commented Sep 5, 2025

Description

This is an attempt to address issue #4663, to make CPE matching case-insensitive.

Addressed Issue

Fixes #4663

Additional Details

Since this touches areas I'm not familiar with, and since the issue is marked with size M, I'm pretty sure I missed quite a lot of things.

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

@owasp-dt-bot
Copy link
Copy Markdown

owasp-dt-bot commented Sep 5, 2025
edited
Loading

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

@codacy-production
Copy link
Copy Markdown

codacy-production bot commented Sep 5, 2025
edited
Loading

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
+0.00% (target: -1.00%) 100.00% (target: 70.00%)
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (5aa6230) 23973 19374 80.82%
Head commit (5dcdd7f) 23976 (+3) 19377 (+3) 80.82% (+0.00%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#5280) 16 16 100.00%

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

nscuro
nscuro requested changes Sep 6, 2025
View reviewed changes
@nscuro nscuro added defect Something isn't working backport/4.13.5 PRs to be backported to v4.13.5 labels Sep 6, 2025
@nscuro nscuro added this to the 4.14.0 milestone Sep 6, 2025
@stohrendorf
Copy link
Copy Markdown
Contributor Author

stohrendorf commented Sep 6, 2025

I'm still not sure this covers everything. It feels a bit above my head, and I still got the feeling that there are cases where this will not work properly. For example, with the recent changes, I added more changes for the lucene engine, and I'm not sure how to test this properly.

@nscuro nscuro merged commit 11492ab into DependencyTrack:master Sep 8, 2025
11 checks passed
@muellerst-hg muellerst-hg mentioned this pull request Sep 9, 2025
Closed
2 tasks
@stohrendorf stohrendorf deleted the cpe-case-insensitive branch September 9, 2025 19:25
@stohrendorf stohrendorf mentioned this pull request Sep 13, 2025
Merged
5 tasks
@nscuro nscuro changed the title make CPE matching case-insensitive Make CPE matching case-insensitive Sep 13, 2025
@nscuro nscuro mentioned this pull request Oct 7, 2025
Closed
2 tasks
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 14, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@nscuro nscuro nscuro approved these changes

Assignees

No one assigned

Labels

backport/4.13.5 PRs to be backported to v4.13.5 defect Something isn't working

Projects

None yet

Milestone

4.14.0

Development

Successfully merging this pull request may close these issues.

CPEs are case-sensitive

3 participants

@stohrendorf @owasp-dt-bot @nscuro