Track Resolved Issues

The user assigned to owner/developer for a repository instance on IQ cannot see the repositories under Orgs & policies.

Support layer tar files containing files with absolute paths

Repository report is using incorrect permissions check for adding waivers

IQ CLI does not provide means to bypass proxy when using --proxy flag

Unable to analyze CycloneDX SBOM generated from IQ

CLM-29765

The "Request Waiver" button no longer shows up for a user who has Policy Admin and Developer roles

Analysis of a Docker image saved as a tar file results in “Component-Unknown”

CLM-29430

"null" is shown before the root organization name

Scanning SBOM fails with java.lang.illegalStateException: Duplicate key

CLM-29558

H2 DB Export emitting invalid SQL for firewall_metrics table

Higher heap usage leading to OOMs

CLM-28889

IndexOutOfBoundsException for length 0 for some users with specific app and org permissions

CLM-29264

IER data leakage

CLM-26122

Upgrading IQ instance using helm chart fails with liveness probe failure

CLM-28364

IQ HA fluentd logs output one JSON message object per line of a stack trace

CLM-28366

IQ HA fluentd request logs do not log elapased time like regular request.log

Advanced Search: READ permission set on an N-level organization may not work

CLM-28126

Add podAnnotations to helm charts

CLM-28352

Container scan of SELinux enabled image does not work

CLM-14238

CycloneDX license expressions

CLM-28057

Waiver on Component Name (all versions) - name based wild card matching, doesn't work.

CLM-28671

Not clear what the intended reporting should be for dependencyManagement section only declared dependencies

Support zip generator scans entire cluster directory for logs, resulting in very slow performance

CLM-28090

Upgrade cyclonedx-core-java to 8.0.0 for latest license data

CLM-28462

Poetry Scan Handle Null When Package Has No Dependencies

CLM-27992

"GET /api/v2/policyViolations" may cause Out-Of-MemoryError

CLM-25553

Report fails load, seemingly, due to a large bom.json

CLM-26176

Content Security Policy (CSP) Header Not Set (/saml/login)

Third-Party Scans fail in IQ 168 (CycloneDX, Sonatype Container) when running with H2

CLM-27724

Error parsing third-party scan file

CLM-26111

defaultHostUrl requires a trailing slash when importing applications from GitLab into our LifeCycle organizations

CLM-27022

"Import Applications" with a Host URL without trailing slash causes a 500 response

CLM-27893

Missing database index in insight_brain_third_party_scans causes poor performance

CLM-27857

SPDX 2.2 file inside component causes Nexus Azure DevOps scan to fail pipeline

CLM-27973

Do Not Validate Name In Hierarchy For Policy Update If Policy Name Is Same

CLM-27064

GitLab SCM Integration giving error 500

Repository view with Developer access is not available unless assigned with at least 2 organizations

CLM-26937

The waving a violation documentation seems out of date

CLM-27407

Increase column length for table saml_group column name

CLM-27408

Viewing Conan proxy repository report can cause "javax.persistence.NonUniqueResultException" with a 500 response.

CLM-27430

Scan Report History API throws NotFoundException for purged reports

CLM-27605

Bitbucket the repository name is case insensitive, so we should not be validating them case sensitively

CLM-27478

Increase the 500-char limit

CLM-27328

Bulk import API stalling for sequential import

CLM-24795

Data retention is not visible if the user has no access to the parent org