Skip to content

fix: widen reference URL column to handle long Mozilla CVE URLs #8467

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
jeremylong merged 9 commits into from
May 3, 2026
Merged

fix: widen reference URL column to handle long Mozilla CVE URLs #8467

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
681aa75
fix: widen reference URL column to handle long Mozilla CVE URLs
WF-Steffen Apr 29, 2026
ddc9fa1
Update core/src/main/resources/data/initialize.sql
steffenjacobs Apr 29, 2026
49b0343
Update core/src/main/resources/data/initialize_mssql.sql
steffenjacobs Apr 29, 2026
f9d6521
Update core/src/main/resources/data/initialize_mysql.sql
steffenjacobs Apr 29, 2026
a3520a5
Update core/src/main/resources/data/initialize_oracle.sql
steffenjacobs Apr 29, 2026
25b6588
Update core/src/main/resources/data/initialize_postgres.sql
steffenjacobs Apr 29, 2026
4ba2839
Update core/src/main/resources/data/upgrade_5.5.sql
steffenjacobs Apr 29, 2026
88d68e0
fix: keep Oracle url column at VARCHAR(4000)
WF-Steffen Apr 30, 2026
34a8d48
Merge branch 'main' into fix/widen-reference-url-column
steffenjacobs Apr 30, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions core/src/main/resources/data/initialize.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ CREATE TABLE vulnerability (id int auto_increment PRIMARY KEY, cve VARCHAR(20) U
v4baseScore DECIMAL(3,1), v4baseSeverity VARCHAR(15), v4threatScore DECIMAL(3,1), v4threatSeverity VARCHAR(15),
v4environmentalScore DECIMAL(3,1), v4environmentalSeverity VARCHAR(15), v4source VARCHAR(50), v4type VARCHAR(15));

CREATE TABLE reference (cveid INT, name VARCHAR(1000), url VARCHAR(1000), source VARCHAR(255),
CREATE TABLE reference (cveid INT, name VARCHAR(1000), url VARCHAR(8000), source VARCHAR(255),
CONSTRAINT fkReference FOREIGN KEY (cveid) REFERENCES vulnerability(id) ON DELETE CASCADE);

CREATE TABLE cpeEntry (id INT auto_increment PRIMARY KEY, part CHAR(1), vendor VARCHAR(255), product VARCHAR(255),
Expand Down Expand Up @@ -81,4 +81,4 @@ CREATE ALIAS insert_software FOR "org.owasp.dependencycheck.data.nvdcve.H2Functi
CREATE ALIAS merge_knownexploited FOR "org.owasp.dependencycheck.data.nvdcve.H2Functions.mergeKnownExploited";

CREATE TABLE properties (id varchar(50) PRIMARY KEY, `value` varchar(500));
INSERT INTO properties(id, `value`) VALUES ('version', '5.5');
INSERT INTO properties(id, `value`) VALUES ('version', '5.6');
4 changes: 2 additions & 2 deletions core/src/main/resources/data/initialize_mssql.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ CREATE TABLE vulnerability (id int identity(1,1) PRIMARY KEY, cve VARCHAR(20) UN
v4baseScore DECIMAL(3,1), v4baseSeverity VARCHAR(15), v4threatScore DECIMAL(3,1), v4threatSeverity VARCHAR(15),
v4environmentalScore DECIMAL(3,1), v4environmentalSeverity VARCHAR(15), v4source VARCHAR(50), v4type VARCHAR(15));

CREATE TABLE reference (cveid INT, name VARCHAR(1000), url VARCHAR(1000), source VARCHAR(255),
CREATE TABLE reference (cveid INT, name VARCHAR(1000), url VARCHAR(8000), source VARCHAR(255),
CONSTRAINT FK_Reference FOREIGN KEY (cveid) REFERENCES vulnerability(id) ON DELETE CASCADE);

CREATE TABLE cpeEntry (id INT identity(1,1) PRIMARY KEY, part CHAR(1), vendor VARCHAR(255), product VARCHAR(255),
Expand Down Expand Up @@ -311,7 +311,7 @@ END;

GO

INSERT INTO properties(id,value) VALUES ('version','5.5');
INSERT INTO properties(id,value) VALUES ('version','5.6');

GO
/**
Expand Down
4 changes: 2 additions & 2 deletions core/src/main/resources/data/initialize_mysql.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ CREATE TABLE vulnerability (id int auto_increment PRIMARY KEY, cve VARCHAR(20) U
v4baseScore DECIMAL(3,1), v4baseSeverity VARCHAR(15), v4threatScore DECIMAL(3,1), v4threatSeverity VARCHAR(15),
v4environmentalScore DECIMAL(3,1), v4environmentalSeverity VARCHAR(15), v4source VARCHAR(50), v4type VARCHAR(15));

CREATE TABLE `reference` (cveid INT, name VARCHAR(1000), url VARCHAR(1000), source VARCHAR(255),
CREATE TABLE `reference` (cveid INT, name VARCHAR(1000), url VARCHAR(8000), source VARCHAR(255),
CONSTRAINT fkReference FOREIGN KEY (cveid) REFERENCES vulnerability(id) ON DELETE CASCADE);

CREATE TABLE cpeEntry (id INT auto_increment PRIMARY KEY, part CHAR(1), vendor VARCHAR(255), product VARCHAR(255),
Expand Down Expand Up @@ -379,4 +379,4 @@ GRANT EXECUTE ON PROCEDURE dependencycheck.merge_knownexploited TO 'dcuser';

GRANT SELECT, INSERT, UPDATE, DELETE ON dependencycheck.* TO 'dcuser';

INSERT INTO properties(id, value) VALUES ('version', '5.5');
INSERT INTO properties(id, value) VALUES ('version', '5.6');
4 changes: 2 additions & 2 deletions core/src/main/resources/data/initialize_oracle.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@ CREATE TABLE vulnerability (id INT NOT NULL PRIMARY KEY, cve VARCHAR(20) UNIQUE,
v4baseScore DECIMAL(3,1), v4baseSeverity VARCHAR(15), v4threatScore DECIMAL(3,1), v4threatSeverity VARCHAR(15),
v4environmentalScore DECIMAL(3,1), v4environmentalSeverity VARCHAR(15), v4source VARCHAR(50), v4type VARCHAR(15));

CREATE TABLE reference (cveid INT, name VARCHAR(1000), url VARCHAR(1000), source VARCHAR(255),
CREATE TABLE reference (cveid INT, name VARCHAR(1000), url VARCHAR(4000), source VARCHAR(255),
CONSTRAINT fkReference FOREIGN KEY (cveid) REFERENCES vulnerability(id) ON DELETE CASCADE);

CREATE TABLE cpeEntry (id INT NOT NULL PRIMARY KEY, part CHAR(1), vendor VARCHAR(255), product VARCHAR(255),
Expand Down Expand Up @@ -538,4 +538,4 @@ CREATE OR REPLACE VIEW v_update_ecosystems AS
ON c.vendor=e.vendor
AND c.product=e.product;

INSERT INTO properties(id,value) VALUES ('version','5.5');
INSERT INTO properties(id,value) VALUES ('version','5.6');
4 changes: 2 additions & 2 deletions core/src/main/resources/data/initialize_postgres.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ CREATE TABLE vulnerability (id SERIAL PRIMARY KEY, cve VARCHAR(20) UNIQUE,
v4baseScore DECIMAL(3,1), v4baseSeverity VARCHAR(15), v4threatScore DECIMAL(3,1), v4threatSeverity VARCHAR(15),
v4environmentalScore DECIMAL(3,1), v4environmentalSeverity VARCHAR(15), v4source VARCHAR(50), v4type VARCHAR(15));

CREATE TABLE reference (cveid INT, name VARCHAR(1000), url VARCHAR(1000), source VARCHAR(255),
CREATE TABLE reference (cveid INT, name VARCHAR(1000), url VARCHAR(8000), source VARCHAR(255),
CONSTRAINT fkReference FOREIGN KEY (cveid) REFERENCES vulnerability(id) ON DELETE CASCADE);

CREATE TABLE cpeEntry (id SERIAL PRIMARY KEY, part CHAR(1), vendor VARCHAR(255), product VARCHAR(255),
Expand Down Expand Up @@ -324,4 +324,4 @@ GRANT EXECUTE ON FUNCTION public.insert_software (INT, CHAR(1), VARCHAR(255),



INSERT INTO properties(id,value) VALUES ('version','5.5');
INSERT INTO properties(id,value) VALUES ('version','5.6');
3 changes: 3 additions & 0 deletions core/src/main/resources/data/upgrade_5.5.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
ALTER TABLE reference ALTER COLUMN url SET DATA TYPE VARCHAR(8000);
Comment thread
steffenjacobs marked this conversation as resolved.

UPDATE Properties SET `value`='5.6' WHERE ID='version';
2 changes: 1 addition & 1 deletion core/src/main/resources/dependencycheck.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ data.file_name=odc.mv.db
### if you increment the DB version then you must increment the database file path
### in the mojo.properties, task.properties (maven and ant respectively), and
### the gradle PurgeDataExtension.
data.version=5.5
data.version=5.6

#The analysis timeout in minutes
odc.analysis.timeout=180
Expand Down
2 changes: 1 addition & 1 deletion core/src/test/resources/dependencycheck.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ engine.version.url=https://dependency-check.github.io/DependencyCheck/current.tx
data.directory=[JAR]/data/11.0
#if the filename has a %s it will be replaced with the current expected version
data.file_name=odc.mv.db
data.version=5.5
data.version=5.6

#The analysis timeout in minutes
odc.analysis.timeout=20
Expand Down
Loading