DependencyTrack dependency-track issues

DependencyTrack / dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

https://dependencytrack.org/

Apache License 2.0

2.43k stars 529 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

"...project/{name}/{version}" API Fails to Retrieve Badge When Project Name Includes "/"

#3898 we684123 opened 4 hours ago
0
Schema validation error when importing SBOMs that were exported by DT itself

#3897 malice00 opened 22 hours ago
5
Add REST endpoint for tag deletion

#3896 nscuro closed 14 hours ago
1
BOM upload after clone of project might get stuck/fail

#3895 otbe opened 1 day ago
0
Add REST endpoints for bulk tagging & un-tagging of projects

#3894 nscuro closed 18 hours ago
1
Enable string de-duplication JVM option per default

#3893 nscuro closed 2 days ago
1
Added Air France-KLM as DT adopter

#3892 nekhtan closed 2 days ago
0
Include or Exclude Projects From BOM Validation Using Tags

#3891 msymons opened 3 days ago
0
Bump net.javacrumbs.json-unit:json-unit-assertj from 3.2.7 to 3.3.0

#3890 dependabot[bot] closed 3 days ago
1
Fix NPE when querying component metadata for projects without findings

#3889 nscuro closed 4 days ago
1
Relax lowercase requirement for `/api/v1/tag/{name}/project` and `/api/v1/tag/{name}/policy`

#3888 nscuro closed 4 days ago
1
Deprecate `/api/v1/tag/{policyUuid}` in favor of `/api/v1/tag/policy/{uuid}`

#3887 nscuro closed 4 days ago
1
Tag Management MVP: Inspecting Usage

#3886 msymons closed 4 days ago
0
CycloneDX BOM validation fails for git style externalReferences

#3885 valentijnscholten opened 4 days ago
7
ProjectMetric doesn't contain project field, required according to Swagger

#3884 cheonsaxelle opened 4 days ago
1
Incorrect API response from GET /api/v1/project/{id} following a specific sequence of API calls

#3883 michal-futurice opened 5 days ago
0
Add REST endpoints for tag retrieval

#3881 nscuro closed 4 days ago
1
BOM_PROCESSED & BOM_CONSUMED Alerts Not Sent When BOM Processing V2 Enabled

#3880 msymons closed 5 days ago
1
After the Vulnerability Details Affected Components were updated, the cpe was gone

#3879 x-zim opened 6 days ago
0
Need a way to export VEX/VDRs that excludes all of the suppressed vulnerabilities

#3878 Szalacinski opened 6 days ago
0
Fix `BOM_CONSUMED` and `BOM_PROCESSED` notifications being dispatched with wrong scope

#3877 nscuro closed 6 days ago
1
No error when BOM upload fails due to PURL address size limit exceeding

#3876 eugenhoffmann opened 6 days ago
1
Backport: Bump bundled frontend to 4.11.4

#3875 nscuro closed 6 days ago
1
Bump bundled frontend to 4.11.4

#3874 nscuro closed 6 days ago
1
Bump docker/build-push-action from 5.4.0 to 6.1.0

#3873 dependabot[bot] closed 6 days ago
1
Bump aquasecurity/trivy-action from 0.22.0 to 0.23.0

#3872 dependabot[bot] closed 6 days ago
1
Backport: Prevent XXE injection during CycloneDX validation and parsing

#3871 nscuro closed 1 week ago
1
Prevent XXE injection during CycloneDX validation and parsing

#3870 nscuro closed 1 week ago
1
Improve performance of findings retrieval

#3869 nscuro closed 1 week ago
1
Add changelog for v4.11.4

#3868 nscuro closed 6 days ago
0
Backport: Fix external references not being updated via `POST /v1/component`

#3867 nscuro closed 1 week ago
1
Backport: Fix BOM validation failing when URL contains encoded `[` and `]` characters

#3866 nscuro closed 1 week ago
1
Fix BOM validation failing when URL contains encoded `[` and `]` characters

#3865 nscuro closed 1 week ago
1
Backport: Fix inverted "show inactive" filter in vulnerability audit view

#3864 nscuro closed 1 week ago
1
Backport: Support ingestion of CycloneDX v1.6 BOMs

#3863 nscuro closed 1 week ago
1
Use stricter identity comparison when merging components

#3861 mykter opened 1 week ago
5
Bump org.apache.maven.plugins:maven-clean-plugin from 3.3.2 to 3.4.0

#3859 dependabot[bot] closed 1 week ago
1
Usage of Dependency tracker 4.11.3 getting blockage

#3857 nandu525 opened 1 week ago
2
[create vulnerability->general -> cwe] Click +, the list page turns without data

#3856 x-zim opened 1 week ago
0
Bump github/codeql-action from 3.25.8 to 3.25.10

#3854 dependabot[bot] closed 1 week ago
1
Bump docker/build-push-action from 5.3.0 to 5.4.0

#3853 dependabot[bot] closed 1 week ago
1
Bump actions/checkout from 4.1.6 to 4.1.7

#3852 dependabot[bot] closed 1 week ago
1
Bump org.apache.maven:maven-artifact from 3.9.7 to 3.9.8

#3851 dependabot[bot] closed 1 week ago
1
Can't get teams synchronized/OIDC groups added with GitLab OIDC

#3850 veselov closed 2 weeks ago
7
Support for summarized and scheduled notifications

#3849 MM-msr closed 1 week ago
5
Bump `cyclonedx-core-java` to `9.0.2`

#3847 nscuro closed 2 weeks ago
1
Bump SPDX license list to v3.24.0

#3846 nscuro closed 2 weeks ago
1
H2 Database error preventing Dependency Track to run

#3844 VikraKrish closed 2 weeks ago
1
feat: autocreate project with tags

#3843 JCHacking closed 1 week ago
6
Bump debian from `2b2e35d` to `0200978` in /src/main/docker

#3842 dependabot[bot] closed 2 weeks ago
1