Consider OS distro during vulnerability matching #5782
@@ -18,8 +18,9 @@ name: "dependency-track" | |||||
|
|
||||||
| services: | ||||||
| apiserver: | ||||||
| image: dependencytrack/apiserver:snapshot-alpine | ||||||
| image: dependencytrack/apiserver:local-alpine | ||||||
|
||||||
| image: dependencytrack/apiserver:local-alpine | |
| image: dependencytrack/apiserver:snapshot-alpine |
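Review bot: Replacing `image: dependencytrack/apiserver:snapshot-alpine` with `image: dependencytrack/apiserver:local-alpine` in the committed docker-compose.yml ties the checked-in compose file to an image that only exists on a machine that has built it locally, so a fresh checkout of this file will fail to pull the apiserver image. Keep the published snapshot tag as the default and let developers point at a local build through a compose override file or a variable such as `${APISERVER_IMAGE:-dependencytrack/apiserver:snapshot-alpine}`; this change is also unrelated to the OS distro matching this PR is about and could be split out.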
Copilot AI, Feb 4, 2026
The EXTRA_JAVA_OPTIONS environment variable for memory configuration appears to be developer-specific. Consider whether this should be included in this PR or if the entire docker-compose.yml changes should be excluded from version control or documented separately as optional development configuration.
| EXTRA_JAVA_OPTIONS: "-Xmx2g" | |
| # Optional: Configure JVM options (e.g., heap size) via EXTRA_JAVA_OPTIONS in your local environment. |
@@ -85,7 +85,7 @@ public enum ConfigPropertyConstants { | |
| VULNERABILITY_SOURCE_GITHUB_ADVISORIES_ACCESS_TOKEN("vuln-source", "github.advisories.access.token", null, PropertyType.STRING, "The access token used for GitHub API authentication"), | ||
| VULNERABILITY_SOURCE_GITHUB_ADVISORIES_LAST_MODIFIED_EPOCH_SECONDS("vuln-source", "github.advisories.last.modified.epoch.seconds", null, PropertyType.INTEGER, "Epoch timestamp in seconds of the latest observed GHSA modification time"), | ||
| VULNERABILITY_SOURCE_GOOGLE_OSV_BASE_URL("vuln-source", "google.osv.base.url", "https://osv-vulnerabilities.storage.googleapis.com/", PropertyType.URL, "A base URL pointing to the hostname and path for OSV mirroring"), | ||
| VULNERABILITY_SOURCE_GOOGLE_OSV_ENABLED("vuln-source", "google.osv.enabled", null, PropertyType.STRING, "List of enabled ecosystems to mirror OSV"), | ||
| VULNERABILITY_SOURCE_GOOGLE_OSV_ENABLED("vuln-source", "google.osv.enabled", "Alpine;Debian;Ubuntu", PropertyType.STRING, "List of enabled ecosystems to mirror OSV"), | ||
|
||
| VULNERABILITY_SOURCE_GOOGLE_OSV_ALIAS_SYNC_ENABLED("vuln-source", "google.osv.alias.sync.enabled", "false", PropertyType.BOOLEAN, "Flag to enable/disable alias synchronization for OSV"), | ||
| VULNERABILITY_SOURCE_EPSS_ENABLED("vuln-source", "epss.enabled", "true", PropertyType.BOOLEAN, "Flag to enable/disable Exploit Prediction Scoring System"), | ||
| VULNERABILITY_SOURCE_EPSS_FEEDS_URL("vuln-source", "epss.feeds.url", "https://epss.cyentia.com", PropertyType.URL, "A base URL pointing to the hostname and path of the EPSS feeds"), | ||
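Review bot: Changing the default of `VULNERABILITY_SOURCE_GOOGLE_OSV_ENABLED` from `null` to `"Alpine;Debian;Ubuntu"` turns OSV mirroring on for new installations without any operator action, which adds outbound fetches from the configured `google.osv.base.url` and grows the stored vulnerability set; that behavioural change should be called out in the PR description and the configuration docs. Please also confirm whether deployments that already persisted the property with the old null value will pick up the new default, or whether operators must enable these ecosystems manually, and say so in the docs. The description string "List of enabled ecosystems to mirror OSV" should state that the list is `;`-separated, since the default value now relies on that separator.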
The addition of pghero service and PostgreSQL configuration for pg_stat_statements monitoring is a development-only change that doesn't relate to the PR's stated purpose of OS distro vulnerability matching. Consider excluding these development environment changes from this PR or documenting them separately if they're needed for testing/debugging the new functionality.