Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PURL condition in Policy Management does not work #4577

Open
2 tasks done
kpe09 opened this issue Jan 22, 2025 · 0 comments
Open
2 tasks done

PURL condition in Policy Management does not work #4577

kpe09 opened this issue Jan 22, 2025 · 0 comments
Labels
defect Something isn't working in triage

Comments

@kpe09
Copy link

kpe09 commented Jan 22, 2025

Current Behavior

I was trying to create a policy using the "All" operator, which informs me if a component does not have an allowed license. When trying to exclude a component by its PURL, I'm still being notified, as if the policy is still violated. The violation can also be found in Policy Violation Audit.

Image

Steps to Reproduce

  1. Create a policy with the "All" operator that is violated if a component doesn't have an allowed license. (License group => is not => Allowed Licenses)
  2. Add an exception for a component that violates this policy, by matching the PURL. (Packacke URL (PURL) => does not match => {PURL})

Expected Behavior

The policy should not be violated if the specified PURL matches with the component's PURL.

Dependency-Track Version

4.12.2

Dependency-Track Distribution

Container Image

Database Server

N/A

Database Server Version

No response

Browser

N/A

Checklist
@kpe09 kpe09 added defect Something isn't working in triage labels Jan 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
defect Something isn't working in triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kpe09