Skip to content

Analysis: support resolved_with_pedigree#5906

Draft
grahamc wants to merge 1 commit intoDependencyTrack:masterfrom
DeterminateSystems:push-okntqnrkuutl
Draft

Analysis: support resolved_with_pedigree#5906
grahamc wants to merge 1 commit intoDependencyTrack:masterfrom
DeterminateSystems:push-okntqnrkuutl

Conversation

@grahamc
Copy link
Copy Markdown

@grahamc grahamc commented Mar 13, 2026

Description

An SBOM we're using produces an analysis with resolved_with_pedigree, which does not correctly end up marking the vulnerability as resolved.

I have not tested this patch, but tried my best to pattern match my way to success.

Addressed Issue

n/a

Additional Details

We've updated our intake tooling in the meantime to replace resolved_with_pedigree with resolved.

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

@owasp-dt-bot
Copy link
Copy Markdown

owasp-dt-bot commented Mar 13, 2026

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@grahamc @owasp-dt-bot