-
The `gradle/actions/dependency-submission` action is fantastic; it works well with GitHub and other tools that can parse SBOM files. Great work!
What I'm missing when trying to analyze the generated …
-
### Current Behavior
Dependency-Track currently does not issue a warning when machine-readable identifiers, such as CPE or purl, are missing for third-party components. This absence of identifiers me…
-
[See original issue on GitLab](https://gitlab.com/BuildStream/buildstream/-/issues/56)
In GitLab by [[Gitlab user @sstriker]](https://gitlab.com/sstriker) on Jul 31, 2017, 09:58
Pre-mature optimizati…
-
It seems dune-deps only tracks dependencies via public_name, so when the library has both name and public_name stanzas and is referenced via "internal" name - this dependency is not shown by dune-deps…
rr0gi updated
11 hours ago
-
See profile of a tracker request below.
Around 70% (105 out of 150ms in total) of the time is spend in exclusively in the first 5 methods related to DI.
Typically, methods are executed very …
-
This is the following error code I receive when reaching the last step. I've attempted rebuilding 6x, installing dependencies manually and still won't work.
bigint: Failed to load bindings, pure JS…
-
### Current Behavior
Hello,
We upload several SBOM files holding hundreds of dependencies, but when calling ODT API api/v1/bom/cyclonedx/project/XXXX?variant=withVulnerabilities -> we're missing th…
-
### Current Behavior
The integration doesn't work at all using username and password or API key or user and api key
Consider also making the instructions clearer and having a 'Test connection' butto…
-
### Current Behavior
Hello,
We have NVD + GHSA configured as vulnerability sources within our ODT instance.
Since we activated the GHSA we were used to get most of vulnerabilities twice (once with t…
-
OWASP Dependency-Track (dev3+) allows the importing and refining of Dependency-Check XML reports. It also allows the importing of SPDX and the manual creation of components.
ODT provides a REST API…