Comments (4)
Also note that this API seems to respect ?offset=
but not limit=
or page=
.
from dependency-track.
That not all fields are returned for every API endpoint is kind of intended. Component
has lots of fields, some of them are large themselves (e.g. directDependencies
). Listing components of a project thus becomes expensive, due to network and serialization cost alone.
Ideally, listing many components would only yield surface-level fields such as identifiers. For more details, each component would need to be requested explicitly (or in bulk by providing multiple UUIDs for example).
I do agree that the API spec needs to make such behavior clear though. The fact that it doesn't is a symptom of reusing the same model classes across all endpoints.
Also note that this API seems to respect ?offset= but not limit= or page=.
Also agree. The reason those are currently not part of the OpenAPI spec, is that they are implicit, and not every endpoint has explicit definitions for them. The good news is that this is easily solvable for us using the ApiImplicitParam
annotation.
There are multiple improvements towards the OpenAPI spec coming in v4.11, I might be able to squeeze that in as well. It's literally just copy-pasting annotations hopefully.
from dependency-track.
Sorry, misread what you meant with:
Also note that this API seems to respect ?offset= but not limit= or page=.
I think the parameters you're looking for are pageNumber
and pageSize
. Those are used by the frontend as well, it is what enables the paging in the Project -> Components tab.
This kind of alludes to what I mentioned in my answer above: The pagination parameters are missing from the OpenAPI spec.
from dependency-track.
Documentation for pagination parameters is coming with #3625.
from dependency-track.
Related Issues (20)
- Vulnerabilities caused by Alpine 2.2.5 HOT 2
- World Kinect has adopted Dependency Track HOT 3
- The Audit Vulnerabilities list query is too slow HOT 1
- False Alerts on Old Versions of Dependencies in Slack Notifications
- Add a warning or an error when the bom version is not supported HOT 1
- Unable to Login to Depenedency Track even part of LDAP group mapped with Administartors team
- false postive delected by dependency track HOT 1
- Upgrade DependencyTrack apiserver fails without exception on computing severity where value is NULL HOT 3
- CVE-2020-4682 not returned for project having IBM MQ vulnerable dependency HOT 2
- Dependency Track API fails to start in Fargate Task HOT 2
- [Defect] Error during the OSV download task for the GIT ecosystem HOT 2
- Update to SPDX License List 3.24.0
- CycloneDX BOM validation fails when URLs contain %-encoded '[' and ']' characters HOT 1
- /vulnerabilityAudit - "Show inactive projects" filter is inverted HOT 2
- Dependency tracker not loading HOT 2
- VEX export returns invalid cyclonedx
- dependencytrack/apiserver not running while configuring Postgresql db with Docker Compose HOT 3
- Usability of VulnerabilityAudit
- H2 Database error preventing Dependency Track to run HOT 1
- Can't get teams synchronized/OIDC groups added with GitLab OIDC HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dependency-track.