#1775: validate and update CPE vendor and product for all tools by MarvMa · Pull Request #1796 · devonfw/IDEasy

MarvMa · 2026-04-02T11:43:12Z

This PR fixes #1775

Implemented changes:

updated cpe's for all products
removed cpe-vendor and cpe-product for tools where no cpe entry exists on nvd
created a shell-script to verify cpe data using a POST request with search params. (doesn't work for all the CPEs, some needed a manual check)
collect-cpe-report.sh

Checklist for this PR

Make sure everything is checked before merging this PR. For further info please also see
our DoD.

When running mvn clean test locally all tests pass and build is successful
PR title is of the form #«issue-id»: «brief summary» (e.g. #921: fixed setup.bat). If no issue ID exists, title only.
PR top-level comment summarizes what has been done and contains link to addressed issue(s)
PR and issue(s) have suitable labels
Issue is set to In Progress and assigned to you or there is no issue (might happen for very small PRs)
You followed all coding conventions
You have added the issue implemented by your PR in CHANGELOG.adoc unless issue is labeled
with internal

…evonfw#1787-yarn-version-broken

… non existent cpes

MarvMa added 6 commits March 25, 2026 07:36

devonfw#1647: updated cpe values for docker/rancher

0f81059

devonfw#1174: added functionality for JavaAzul

e4a43e2

devonfw#1174: added edition logic to javaAzul

980267f

Merge branch 'main' of https://github.com/devonfw/IDEasy into bugfix/d…

0bb9303

…evonfw#1787-yarn-version-broken

devonfw#1775: updated cpes for all tools, deleting configurations for…

d56266a

… non existent cpes

devonfw#1775: updated changelog

6512285

github-project-automation bot added this to IDEasy board Apr 2, 2026

github-project-automation bot moved this to 🆕 New in IDEasy board Apr 2, 2026

MarvMa changed the title ~~Bugfix/#1775 validate CVE reportings~~ #1775: validate and update CPE vendor and product for all tools Apr 2, 2026

MarvMa self-assigned this Apr 2, 2026

MarvMa added security CVEs or other vulnerabilities workflow GitHub actions (CI,CD,update urls/CVEs) labels Apr 2, 2026

MarvMa moved this from 🆕 New to 👀 In review in IDEasy board Apr 2, 2026

MarvMa requested a review from hohwille April 2, 2026 12:05

MarvMa moved this from 👀 In review to Team Review in IDEasy board Apr 2, 2026

MarvMa moved this from Team Review to 👀 In review in IDEasy board Apr 2, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

#1775: validate and update CPE vendor and product for all tools#1796

#1775: validate and update CPE vendor and product for all tools#1796
MarvMa wants to merge 6 commits intodevonfw:mainfrom
MarvMa:bugfix/#1775-validate-cve-reportings

MarvMa commented Apr 2, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

MarvMa commented Apr 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

This PR fixes #1775

Implemented changes:

Checklist for this PR

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

MarvMa commented Apr 2, 2026 •

edited

Loading