Track Resolved Issues
Release 175 (April 2024)
Issue ID | Description |
---|---|
CLM-29616 | Analysis of a Docker image saved as a tar file results in “Component-Unknown” |
CLM-29430 | "null" is shown before the root organization name |
CLM-29339 | OutOfMemoryError possible in com.sonatype.insight.brain.search.index.IndexService.updateIndex because it loads all of search_index_change table into heap |
CLM-29971 | Per Repository Policy Management does not work with Repository Firewall license {also referred to as Issue ID NEXUS-42040} |
Release 174 (March 2024)
Issue ID | Description |
---|---|
CLM-28910 | Scanning SBOM fails with java.lang.illegalStateException: Duplicate key |
CLM-29382 | "/api/v2/applications" can be slow when requesting all applications |
CLM-29558 | H2 DB Export emitting invalid SQL for firewall_metrics table |
CLM-29431 | IER missing userFirstName for LDAP realm |
Release 173 (February 2024)
Issue ID | Description |
---|---|
CLM-29328 | Higher heap usage leading to OOMs |
CLM-28889 | IndexOutOfBoundsException for length 0 for some users with specific app and org permissions |
CLM-29264 | IER data leakage |
CLM-26122 | Upgrading IQ instance using helm chart fails with liveness probe failure |
CLM-28364 | IQ HA fluentd logs output one JSON message object per line of a stack trace |
CLM-28366 | IQ HA fluentd request logs do not log elapased time like regular request.log |
Release 171 (January 2024)
Issue ID | Description |
---|---|
CLM-26912 | Advanced Search: READ permission set on an N-level organization may not work |
CLM-28126 | Add podAnnotations to helm charts |
CLM-28352 | Container scan of SELinux enabled image does not work |
CLM-14238 | CycloneDX license expressions |
CLM-28057 | Waiver on Component Name (all versions) - name based wild card matching, doesn't work. |
CLM-28671 | Not clear what the intended reporting should be for dependencyManagement section only declared dependencies |
Release 170 (December 2023)
Issue ID | Description |
---|---|
CLM-27990 | Support zip generator scans entire cluster directory for logs, resulting in very slow performance |
CLM-28090 | Upgrade cyclonedx-core-java to 8.0.0 for latest license data |
CLM-28462 | Poetry Scan Handle Null When Package Has No Dependencies |
CLM-27992 | "GET /api/v2/policyViolations" may cause Out-Of-MemoryError |
CLM-25553 | Report fails load, seemingly, due to a large bom.json |
CLM-26176 | Content Security Policy (CSP) Header Not Set (/saml/login) |
Release 169 (November 2023)
Issue ID | Description |
---|---|
CLM-28142 | Third-Party Scans fail in IQ 168 (CycloneDX, Sonatype Container) when running with H2 |
CLM-27724 | Error parsing third-party scan file |
CLM-26111 | defaultHostUrl requires a trailing slash when importing applications from GitLab into our LifeCycle organizations |
CLM-27022 | "Import Applications" with a Host URL without trailing slash causes a 500 response |
CLM-27893 | Missing database index in insight_brain_third_party_scans causes poor performance |
CLM-27857 | SPDX 2.2 file inside component causes Nexus Azure DevOps scan to fail pipeline |
CLM-27973 | Do Not Validate Name In Hierarchy For Policy Update If Policy Name Is Same |
CLM-27064 | GitLab SCM Integration giving error 500 |
Release 168 (October 2023)
Issue ID | Description |
---|---|
CLM-25664 | Repository view with Developer access is not available unless assigned with at least 2 organizations |
CLM-26937 | The waving a violation documentation seems out of date |
CLM-27407 | Increase column length for table saml_group column name |
CLM-27408 | Viewing Conan proxy repository report can cause "javax.persistence.NonUniqueResultException" with a 500 response. |
CLM-27430 | Scan Report History API throws NotFoundException for purged reports |
CLM-27605 | Bitbucket the repository name is case insensitive, so we should not be validating them case sensitively |
CLM-27478 | Increase the 500-char limit |
CLM-27328 | Bulk import API stalling for sequential import |
CLM-24795 | Data retention is not visible if the user has no access to the parent org |
Release 166 (August 2023)
Issue ID | Description |
---|---|
CLM-26850 | Repository evaluate/componentMetadata requests are significantly slower in IQ 165 |
CLM-26884 | IQ Server can cause StackOverflowError while executing GET /api/v2/policyViolations/transitive/application |
CLM-26738 | GET requests to /platform/api/v2/config?property=quarantinedItemCustomMessage is returning a 404 |
CLM-24225 | An error message is seen in the report when the component is removed from the vulnerability. |
CLM-25847 | Waivers for Violation page can't see the Policy waivers |
CLM-26343 | Scanning poetry.lock file includes development dependencies |
CLM-26855 | Scanning conda.txt with clair-scanner-output.json |
CLM-27061 | Firewall for Artifactory integration issue |
CLM-26426 | Fix for Policy Violation REST API |
CLM-26612 | Line Comment Links in Bitbucket PRs |
CLM-27080 | Bulk import issue |
CLM-26837 | Optimize persistence of policy violations |