Conversation
shantyk
approved these changes
Apr 30, 2026
shantyk
added a commit
that referenced
this pull request
May 7, 2026
* poc for correlated scanning endpoint * fix hardcoding and other bugs * adjust accept header * disable binary scans * no version is okay in component detection * Release 11.4.0-SIGQA1-dterry.IDETECT-4817-correlated-scans * Using the next snapshot post release 11.4.0-SIGQA2-dterry.IDETECT-4817-correlated-scans-SNAPSHOT * pass correlation decisions to signature scans * properly check package manager scans * standardize package manager checks * Release 11.4.0-SIGQA2-dterry.IDETECT-4817-correlated-scans * Using the next snapshot post release 11.4.0-SIGQA3-dterry.IDETECT-4817-correlated-scans-SNAPSHOT * new server properties section * boolean logging * Update tomlj library to latest version * Resolve the antlr conflict with other dependency * Upgrade antlr version * Upgrade antlr version * add test * Update NpmCliParser.java use actualName * Release 11.4.0-SIGQA3-dterry.IDETECT-4817-correlated-scans * Using the next snapshot post release 11.4.0-SIGQA4-dterry.IDETECT-4817-correlated-scans-SNAPSHOT * added release note * Release 11.4.0-SIGQA9 * Using the next snapshot post release 11.4.0-SIGQA10-SNAPSHOT * safety addition for stateless and finalize mime type * Migrate Bitbake to use graphviz library * Release 11.4.0-SIGQA10-devm.IDETECT-5058 * add server properties to status.json * Using the next snapshot post release 11.4.0-SIGQA11-devm.IDETECT-5058-SNAPSHOT * Update currentreleasenotes.md * Release 11.4.0-SIGQA4-dterry.IDETECT-4817-correlated-scans * Using the next snapshot post release 11.4.0-SIGQA5-dterry.IDETECT-4817-correlated-scans-SNAPSHOT * Update commonproblems.md * Update DetectProperties.java * Update currentreleasenotes.md remove this change imported from another PR (Will get covered under that PR) * Update commonproblems.md * code review updates * further code review improvements * fix output to show only actual values * Update commonproblems.md fix typo * Release 11.4.0-SIGQA10 * Using the next snapshot post release 11.4.0-SIGQA11-SNAPSHOT * Release 11.4.0-SIGQA11-devm.IDETECT-5058 * Release 11.4.0-SIGQA12-devm.IDETECT-5058 * Release 11.4.0-SIGQA11-devm.IDETECT-5058 * Using the next snapshot post release 11.4.0-SIGQA12-devm.IDETECT-5058-SNAPSHOT * update docs to describe correlated server property * Check if correlation scanning was enabled for fallback scenario * Add doc changes for previous tickets * Address review comment * Address review comment * feat(bazel): faster discovery path for HTTP-archive family repositories in Bzlmod projects (Bazel 7.1+) (#1709) * Update currentreleasenotes.md * Update currentreleasenotes.md * Update commonproblems.md * Release 11.4.0-SIGQA12 * Using the next snapshot post release 11.4.0-SIGQA13-SNAPSHOT * Add support for .slnx files in NuGet Solution Native Inspector (#1688) * Add support for .slnx files in NuGet Solution Native Inspector * Release notes * WIP chnages * Remove comments and whitespace in diff * rev bouncy castle and plexutil libs * (fix/refactor): Remove unnecessary calls to Notification APIs (IDETECT-4992) (#1708) * Notification APIs: remove unnecessary calls * Don't wait at BOM level for IAC or impact analysis scans since we cannot check their completion status via notifications or bom status. This is existing behaviour, setting wait to true was a noop. * Refactor Impact Analysis upload operation to createCodeLocationsWithoutNotificationTaskRange. Prevents call to notifications API for which the results were never used downstream, CodeLocationCreationData's NotificationTaskRange is null. * Latest IntelligentModeStepRunner changes * Pkg mngr and signature updates * Testing for regressions * Remove unused impact analysis related methods * Remove unused ImpactAnalysisToolResult class * Deprecate shouldWaitAtScanLevel since it simply checks if a server version exists and is at least 2023.1.1 which has reached end of service. * Update bd-common version with soon to be released lib version * Propogate removal of shouldWaitAtScanLevel to signature scanner * Remove prescass pkg mngr BDIO code location upload from being considered a waitable (via notifications). * Minor updates * Rename back to uploadBdioFiles * Clean up comments * Revert changes to waitable signature scanner code loctaion * Remove comments in signaturescansteprunner * Add missed method update for binary upload * Remove NotificationTaskRange param from WaitableCodeLocationData constructor as it is no longer used. * Fix whitespace in diff * Fix method rename issue after rebase * Fix regression wrt correlated scanning. Correlated scan count calculations are tightly coupled with the legacy idea of a waitable code location. * Bump bd-common version 68.0.0 * Release 11.4.0-SIGQA13 * Using the next snapshot post release 11.4.0-SIGQA14-SNAPSHOT * Release 11.4.0-SIGQA14 * Using the next snapshot post release 11.4.0-SIGQA15-SNAPSHOT * rework release note * fix(bazel) - Change info logs to debug logs (#1734) * Release 11.4.0-SIGQA15 * Using the next snapshot post release 11.4.0-SIGQA16-SNAPSHOT * Support for customizing the output directory for Quack Patch (#1713) * Support for customizing quack patch output directory * updated release note for the new flag * Release 11.4.0-SIGQA10-IDETECT-5066 * Using the next snapshot post release 11.4.0-SIGQA11-IDETECT-5066-SNAPSHOT * fix * updated docs * Release 11.4.0-SIGQA14-IDETECT-5066 * Using the next snapshot post release 11.4.0-SIGQA15-IDETECT-5066-SNAPSHOT * fix invalid path case * Release 11.4.0-SIGQA15-IDETECT-5066 * Using the next snapshot post release 11.4.0-SIGQA16-IDETECT-5066-SNAPSHOT * updated release note as suggested --------- Co-authored-by: blackduck-serv-builder <serv-builder@blackducksoftware.com> * Release 11.4.0-SIGQA16 * Using the next snapshot post release 11.4.0-SIGQA17-SNAPSHOT * Warn Java 8 End of Support in logs (#1737) * Update currentreleasenotes.md Updates and omissions * fix compatibility error with java 8 (#1742) * Release 11.4.0-SIGQA17 * Using the next snapshot post release 11.4.0-SIGQA18-SNAPSHOT * Remove logic to not create project version in case of empty detector bdio (#1747) * Release 11.4.0-SIGQA18 * Using the next snapshot post release 11.4.0-SIGQA19-SNAPSHOT * Increase signatur escan code location count by the number of successful code location paths (#1748) * Release 11.4.0-SIGQA19 * Using the next snapshot post release 11.4.0-SIGQA20-SNAPSHOT * Send quack patch custom output path to nuget inspector invocation (#1749) * Release 11.4.0-SIGQA20 * Using the next snapshot post release 11.4.0-SIGQA21-SNAPSHOT * Release 11.4.0 * Using the next snapshot post release 11.4.1-SNAPSHOT * Fix release notes for 11.4.1 release (#1750) * Update topics.ditamap (#1751) * Release 11.4.1 * Using the next snapshot post release 11.4.2-SNAPSHOT * Empty current release notes for 11.5.0 --------- Co-authored-by: dterrybd <dterry@blackduck.com> Co-authored-by: blackduck-serv-builder <serv-builder@blackducksoftware.com> Co-authored-by: dterrybd <103214400+dterrybd@users.noreply.github.com> Co-authored-by: devmehtabd <devmehta@blackduck.com> Co-authored-by: cpottsbd <36172712+cpottsbd@users.noreply.github.com> Co-authored-by: Dev Mehta <128397570+devmehtabd@users.noreply.github.com> Co-authored-by: Samrat Mukherjee <samratmuk@blackduck.com> Co-authored-by: Aditya Byreddy <37792774+sig-abyreddy@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
update version