Track Resolved Issues

Release 175 (April 2024)

| Issue ID | Description |
|---|---|
| CLM-29616 | Analysis of a Docker image saved as a tar file results in “Component-Unknown” |
| CLM-29430 | "null" is shown before the root organization name |
| CLM-29339 | OutOfMemoryError possible in com.sonatype.insight.brain.search.index.IndexService.updateIndex because it loads all of search_index_change table into heap |
| CLM-29971 | Per Repository Policy Management does not work with Repository Firewall license (also referred to as Issue ID NEXUS-42040) |

Release 174 (March 2024)

| Issue ID | Description |
|---|---|
| CLM-28910 | Scanning SBOM fails with java.lang.IllegalStateException: Duplicate key |
| CLM-29382 | "/api/v2/applications" can be slow when requesting all applications |
| CLM-29558 | H2 DB Export emitting invalid SQL for firewall_metrics table |
| CLM-29431 | IER missing userFirstName for LDAP realm |

Release 173 (February 2024)

| Issue ID | Description |
|---|---|
| CLM-29328 | Higher heap usage leading to OOMs |
| CLM-28889 | IndexOutOfBoundsException for length 0 for some users with specific app and org permissions |
| CLM-29264 | IER data leakage |
| CLM-26122 | Upgrading IQ instance using helm chart fails with liveness probe failure |
| CLM-28364 | IQ HA fluentd logs output one JSON message object per line of a stack trace |
| CLM-28366 | IQ HA fluentd request logs do not log elapsed time like regular request.log |

Release 171 (January 2024)

| Issue ID | Description |
|---|---|
| CLM-26912 | Advanced Search: READ permission set on an N-level organization may not work |
| CLM-28126 | Add podAnnotations to helm charts |
| CLM-28352 | Container scan of SELinux enabled image does not work |
| CLM-14238 | CycloneDX license expressions |
| CLM-28057 | Waiver on Component Name (all versions) - name-based wildcard matching doesn't work |
| CLM-28671 | Not clear what the intended reporting should be for dependencyManagement section only declared dependencies |

Release 170 (December 2023)

| Issue ID | Description |
|---|---|
| CLM-27990 | Support zip generator scans entire cluster directory for logs, resulting in very slow performance |
| CLM-28090 | Upgrade cyclonedx-core-java to 8.0.0 for latest license data |
| CLM-28462 | Poetry Scan Handle Null When Package Has No Dependencies |
| CLM-27992 | "GET /api/v2/policyViolations" may cause OutOfMemoryError |
| CLM-25553 | Report fails to load, seemingly due to a large bom.json |
| CLM-26176 | Content Security Policy (CSP) Header Not Set (/saml/login) |

Release 169 (November 2023)

| Issue ID | Description |
|---|---|
| CLM-28142 | Third-Party Scans fail in IQ 168 (CycloneDX, Sonatype Container) when running with H2 |
| CLM-27724 | Error parsing third-party scan file |
| CLM-26111 | defaultHostUrl requires a trailing slash when importing applications from GitLab into our LifeCycle organizations |
| CLM-27022 | "Import Applications" with a Host URL without trailing slash causes a 500 response |
| CLM-27893 | Missing database index in insight_brain_third_party_scans causes poor performance |
| CLM-27857 | SPDX 2.2 file inside component causes Nexus Azure DevOps scan to fail pipeline |
| CLM-27973 | Do Not Validate Name In Hierarchy For Policy Update If Policy Name Is Same |
| CLM-27064 | GitLab SCM Integration giving error 500 |

Release 168 (October 2023)

| Issue ID | Description |
|---|---|
| CLM-25664 | Repository view with Developer access is not available unless assigned with at least 2 organizations |
| CLM-26937 | The waiving a violation documentation seems out of date |
| CLM-27407 | Increase column length for table saml_group column name |
| CLM-27408 | Viewing Conan proxy repository report can cause "javax.persistence.NonUniqueResultException" with a 500 response |
| CLM-27430 | Scan Report History API throws NotFoundException for purged reports |
| CLM-27605 | In Bitbucket the repository name is case insensitive, so we should not be validating it case sensitively |
| CLM-27478 | Increase the 500-char limit |
| CLM-27328 | Bulk import API stalling for sequential import |
| CLM-24795 | Data retention is not visible if the user has no access to the parent org |

Release 166 (August 2023)

| Issue ID | Description |
|---|---|
| CLM-26850 | Repository evaluate/componentMetadata requests are significantly slower in IQ 165 |
| CLM-26884 | IQ Server can cause StackOverflowError while executing GET /api/v2/policyViolations/transitive/application |
| CLM-26738 | GET requests to /platform/api/v2/config?property=quarantinedItemCustomMessage is returning a 404 |
| CLM-24225 | An error message is seen in the report when the component is removed from the vulnerability. |
| CLM-25847 | Waivers for Violation page can't see the Policy waivers |
| CLM-26343 | Scanning poetry.lock file includes development dependencies |
| CLM-26855 | Scanning conda.txt with clair-scanner-output.json |
| CLM-27061 | Firewall for Artifactory integration issue |
| CLM-26426 | Fix for Policy Violation REST API |
| CLM-26612 | Line Comment Links in Bitbucket PRs |
| CLM-27080 | Bulk import issue |
| CLM-26837 | Optimize persistence of policy violations |