Skip to content

Add project tag filter to component identity endpoint (#6089)#6523

Open
anand1416 wants to merge 1 commit into
DependencyTrack:mainfrom
anand1416:feature-6089-project-tag-filter
Open

Add project tag filter to component identity endpoint (#6089)#6523
anand1416 wants to merge 1 commit into
DependencyTrack:mainfrom
anand1416:feature-6089-project-tag-filter

Conversation

@anand1416

Copy link
Copy Markdown

Summary

This PR implements support for filtering components by project tag in the deprecated V1 component identity endpoint.

It adds a new optional query parameter:

  • projectTag

When provided, only components belonging to projects with the specified tag are returned.

Example:

GET /api/v1/component/identity?name=library&projectTag=backend

Changes

  • Added projectTag query parameter to ComponentResource
  • Propagated the parameter through QueryManager
  • Added project tag filtering logic in ComponentQueryManager

Closes #6089.

@owasp-dt-bot

owasp-dt-bot commented Jun 26, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@codacy-production

Copy link
Copy Markdown

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 duplication

Metric Results
Duplication 0

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

Signed-off-by: Anand Nawale <anandnawale1416@gmail.com>
@anand1416 anand1416 force-pushed the feature-6089-project-tag-filter branch from 1bdc1c7 to de5c3c7 Compare June 26, 2026 16:10
@anand1416

Copy link
Copy Markdown
Author

The failing CI job appears to be unrelated to this change.

According to the test report, the only failing test is:

org.dependencytrack.vulndatasource.nvd.NvdVulnDataSourceTest

which fails while downloading the NVD feed:

Failed to download feed file from https://nvd.nist.gov/feeds/json/cve/2.0/nvdcve-2.0-2026.json.gz

My changes are limited to the V1 component identity endpoint (ComponentResource, QueryManager, and ComponentQueryManager) and do not affect the NVD data source.

Please let me know if you'd like me to investigate further or if this is a transient CI issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Filter components by project tag

2 participants