This release includes several database changes to complete our transition to using the term Legacy Violations. Users may experience longer upgrade times (around an hour).

Improvements

Scan Skopeo Generated Docker Images

Users can now scan docker images saved as tar files, that were converted from OCI (Open Container Initiative) images using Skopeo.

Sonatype Lifecycle can now analyze and generate SBOMs in the most advanced CycloneDX 1.5 format. We have improved the Third-Party Scan REST API, CycloneDX Application Analysis, and CycloneDX REST API to support CycloneDX schema version 1.5.

Users can utilize the new optional query parameters openTimeAfter and openTimeBefore for the Policy Violation REST API, to filter the no. This will eliminate the possibility of running into out-of-memory errors or slow response times for Lifecycle instances with multiple years of policy violation data.

The Application Composition Report has a new Active Waivers indicator. It is displayed for components with waived policy violations that are hidden in the aggregated view of the report. It also shows the total number of violations that were being actively waived at the time of the scan.

Fine Tuned Advanced Search

Advanced Search now supports searching for components or vulnerabilities by organization. Users can include the organization Name or organizationId in their search query to fine tune the search within specific organizations.

This release fixes an issue when loading Lifecycle Reports of large sizes.

This release handles the null pointer exception that was thrown when attempting to scan poetry.lock file containing packages with no further dependencies.

This release fixes an error that occurred scanning SBOMs using the Third Party Scan REST API, when the length of the id field for vulnerability objects exceeded 20. This caused generation of empty scan reports.

Track Resolved Issues

Click here to see resolved issues in this release.

This release contains a fix for an issue with IQ High Availability (HA) pods with terabytes of data, that prolonged the startup times,

This release fixes a critical issue that affected the command line scanning of SBOMs and containers on installations of release 168 running on the embedded H2 database. Earlier versions (prior to 168) or those running on PostgreSQL (external database) are not affected.