Fixed Issues in 2021.10.0

The following customer-reported issues were fixed in this release:

  • (HUB-29413). Searching for components in the Add Component or Edit Component modals is now more accurate, and Custom Components are more easily found.

  • (HUB-26545 and HUB-30185). Fixed an issue where the following Public REST API endpoints did not update the componentModification, componentModified, and componentPurpose component conditions as expected. 
    • /api/projects/{projectId}/versions/{projectVersionId}/components/{componentId}
    • /api/projects/{projectId}/versions/{projectVersionId}/components/{componentId}/versions/{componentVersionId}

  • (HUB-30474). Fixed an issue where the count displayed on the Affected Projects page was not matching the actual results when the user has no access to certain projects.

  • (HUB-30623). Fixed issues where a number of client-initiated errors were creating heavy log churn via logging of stacktraces or were incorrectly logged at a more severe log level than they actually represented.

  • (HUB-30099). Fixed an issue where Vulnerability statuses were not updated for existing BOMs by KB update. BoM Component-Version Vulnerability remediations (found in the BoM-security view) will now be updated by the KB Update Job when the remediation status changes if the current status is not user or system updated.

  • (HUB-29773). Fixed an issue where the /api/projects/<project ID>/versions/<version ID>/vulnerable-bom-components endpoint would have longer than expected response times. The request now only includes one license definition per version BOM component which should improve the response time. Users should only see a lower number of results if they had a Protex BOM imported with license overrides.

  • (HUB-26924). Fixed an issue so that a user-friendly error message now appears when a SAML SSO user login fails. If the SSO configuration is wrong, an error page will be displayed to indicate a configuration issue. If the user is disabled in HUB, an error page will be displayed, notifying the user to contact the system administrator or Unauthorized page.

  • (HUB-31176). Fixed an issue where Rapid Scan policy evaluation was not checking the BOM status when the remediation status is associated with a specific project-version.

  • (HUB-30808). Fixed an issue where custom fields created under the BOM Component tab in Custom Fields Management were not returning when reviewing a component's "Additional fields" within any project's BOM. We will display up to 100 custom fields when editing the custom fields on BOM component.

  • (HUB-30922). Fixed an issue where the descriptions on the Project Version level were not displayed. This field will now display the description used on the Project level.

  • (HUB-31482). Fixed an issue where licenses were not shown on the Snippet confirmation page after HUB 2021.6.2.

  • (HUB-31003). Fixed an issue where users could get a HTTP 500 Internal Server Error when attempting to perform bulk remediation for vulnerabilities.

  • (HUB-31425). Fixed an issue where the Version Detail Report was taking a significant amount of time to run/complete the query when started compared to previous versions of HUB.

  • (HUB-29598). Fixed an issue where the number of vulnerabilities in the PDF generated by "Print" button on component page would get pushed out due to the bar being too long.

  • (HUB-30133). Fixed an issue where the t-shirt sizing ymls in the helm deployments have the webui container with less memory for an XL deployment than large. The webui container's memory limit is increased to 1024 Mi in x-large.yaml tshirt size.

  • (HUB-28889). Fixed an issue where the BOM Engine could fail to start if RabbitMQ is not reachable.

  • (HUB-30215). Fixed an issue where BDSA-2020-1311 was incorrectly reporting a workaround was available.

  • (HUB-30857). Fixed a bug where the "Affected Projects" page for vulnerabilities was omitting vulnerabilities from ignored components in the items displayed but including them when finding the count for the total items. Now the count for total items also omits vulnerabilities from ignored components.

  • (HUB-30603). Fixed an issue where a user could see the entirety of a comment under a BDSA or CVE record under the security tab of a project if it was grayed out.

  • (HUB-28753). Fixed an issue where the BomEngine did not accept the value of the HUB_PROXY_PASSWORD_FILE secret when created in docker and would return a 407 AUTHENTICATION REQUIRED error.

  • (HUB-31483). Fixed an issue where the policy override date and user information in the Policy Violations modal was displayed incorrectly the Japanese localization.