Skip to content

Extending length of PURL and PURLCOORDINATES columns from 786 to 4096#6138

Closed
mrgxqq wants to merge 2 commits into
DependencyTrack:masterfrom
mrgxqq:extending_length_of_purl
Closed

Extending length of PURL and PURLCOORDINATES columns from 786 to 4096#6138
mrgxqq wants to merge 2 commits into
DependencyTrack:masterfrom
mrgxqq:extending_length_of_purl

Conversation

@mrgxqq

@mrgxqq mrgxqq commented May 15, 2026

Copy link
Copy Markdown

Description

Increased the maximum length of the PURL and PURLCOORDINATES fields.

In some BOM files generated on Windows environments, the PURL value can become excessively long — in certain cases exceeding the current limit of 786 characters. As a result, importing such BOM files into DependencyTrack fails with the following error:

in column "PURLCOORDINATES" that has maximum length of 786. Please correct your data!

This fix increases the allowed field length and resolves the issue when importing such BOM files.

A similar issue has also been discussed previously in #3560.

Addressed Issue

fixes #3560

Additional Details

The issue was reproducible with BOM files generated on Windows, where the path contained in the PURL became significantly longer than expected.

Due to the length limitation of the PURLCOORDINATES database field, the database rejected the record during BOM import.

This change is limited to increasing the allowed data size and does not affect the existing PURL processing logic.

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

@owasp-dt-bot

owasp-dt-bot commented May 15, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@codacy-production

codacy-production Bot commented May 15, 2026

Copy link
Copy Markdown

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 duplication

Metric Results
Duplication 0

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

Signed-off-by: mrgxqq <i.starmax99@gmail.com>
@mrgxqq mrgxqq force-pushed the extending_length_of_purl branch from 5978e60 to d67d718 Compare May 15, 2026 09:43
Signed-off-by: mrgxqq <i.starmax99@gmail.com>
@nscuro

nscuro commented May 15, 2026

Copy link
Copy Markdown
Member

Thanks for the PR, but this will break for MSSQL, as mentioned in the PR you linked. The problem is that this column is indexed, and some RDBMSes cannot deal with indexes on columns that large.

@mrgxqq

mrgxqq commented May 15, 2026

Copy link
Copy Markdown
Author

Thank you for the explanation.

@mrgxqq mrgxqq closed this May 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants