From 55f0451099d2426a9311e1431d86b9b9bbab7680 Mon Sep 17 00:00:00 2001
From: fahed dorgaa <fahed.dorgaa@gmail.com>
Date: Sat, 28 Mar 2026 00:07:46 +0100
Subject: [PATCH] feat: add UNKNOWN enum value to Vulnerability sources

Signed-off-by: Fahed Dorgaa <fahed.dorgaa@gmail.com>
---
 .../src/main/java/org/dependencytrack/model/Vulnerability.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/apiserver/src/main/java/org/dependencytrack/model/Vulnerability.java b/apiserver/src/main/java/org/dependencytrack/model/Vulnerability.java
index c8aeb118c8..94349adb0e 100644
--- a/apiserver/src/main/java/org/dependencytrack/model/Vulnerability.java
+++ b/apiserver/src/main/java/org/dependencytrack/model/Vulnerability.java
@@ -130,7 +130,8 @@ public enum Source {
         RETIREJS, // Retire.js
         INTERNAL,  // Internally-managed (and manually entered) vulnerability
         OSV, // Google OSV Advisories
-        SNYK;    // Snyk Purl Vulnerability
+        SNYK,    // Snyk Purl Vulnerability
+        UNKNOWN; // Unknown or unrecognized vulnerability source
 
         public static boolean isKnownSource(String source) {
             return Arrays.stream(values()).anyMatch(enumSource -> enumSource.name().equalsIgnoreCase(source));