DependencyTrack dependency-track issues

DependencyTrack / dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

https://dependencytrack.org/

Apache License 2.0

2.71k stars 580 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Add cyclonedx json media type when exporting components

#4409 wratner opened 8 hours ago
0
BOM component API Incompatibility with application/vnd.cyclonedx+json Media Type

#4408 wratner opened 8 hours ago
0
invalid_client with OpenID and Cognito

#4407 Michenux opened 11 hours ago
1
DT 4.12.1 Upload of large SBOM via HTTP Post /v1/bom

#4406 tobijk2 opened 17 hours ago
4
Bump github/codeql-action from 3.27.4 to 3.27.5

#4405 dependabot[bot] opened 20 hours ago
1
Bump actions/dependency-review-action from 4.4.0 to 4.5.0

#4404 dependabot[bot] opened 20 hours ago
1
Bump aquasecurity/trivy-action from 0.28.0 to 0.29.0

#4403 dependabot[bot] opened 20 hours ago
1
Move GHAM notification logic outside recursion

#4401 antoinbo opened 3 days ago
1
GitHub Advisory Mirroring task triggers too many notifications

#4400 antoinbo opened 3 days ago
0
Analyzers return very old CVEs

#4399 tesence opened 3 days ago
1
Bump org.testcontainers:testcontainers from 1.20.3 to 1.20.4

#4398 dependabot[bot] opened 4 days ago
1
No way to export a self-describing VEX document.

#4397 ad8-adriant opened 5 days ago
0
Backport: Fix Trivy analyzer vulnerability matching for Go packages

#4395 nscuro closed 5 days ago
1
Fix Trivy analyzer vulnerability matching for Go packages

#4394 nscuro closed 5 days ago
1
DependencyTrack-Bundled no longer able to connect to the database

#4393 Dezrin opened 5 days ago
3
URL encoding issue for Vulnerability IDs

#4391 KS-DR opened 6 days ago
0
Issues uploading a BOM

#4390 khaledgithubwl opened 1 week ago
1
Bump github/codeql-action from 3.27.1 to 3.27.4

#4388 dependabot[bot] closed 6 days ago
1
Bump com.icegreen:greenmail-junit4 from 2.1.0 to 2.1.1

#4387 dependabot[bot] closed 6 days ago
1
Bump net.javacrumbs.json-unit:json-unit-assertj from 3.5.0 to 4.0.0

#4386 dependabot[bot] closed 6 days ago
1
I encountered an API error of 500 when using multithreading

#4384 chenjianquan7 opened 1 week ago
1
Add /v1/project/batchDelete API method that deletes with SQL

#4383 mikael-carneholm-2-wcar opened 1 week ago
1
Backport: Fix nullable metrics fields having getters of primitive type

#4382 nscuro closed 1 week ago
1
Backport: Fix policy evaluation not happening upon creation or update of individual components

#4381 nscuro closed 1 week ago
1
Backport: Fix NullPointerException when fetching findings

#4380 nscuro closed 1 week ago
1
Backport: Fix incorrect CWE schema in OpenAPI spec

#4379 nscuro closed 1 week ago
1
Backport: Fix CPE matching for NVD mirroring via REST API

#4378 nscuro closed 1 week ago
1
Backport: Reduce memory usage of metrics update tasks

#4377 nscuro closed 1 week ago
1
Trivy integration does not report vulnerabilities for Golang components

#4376 mawl closed 5 days ago
2
Policy violation notifications based on the violation state

#4375 otbe opened 1 week ago
4
Fix policy evaluation not happening upon creation or update of individual components

#4374 fupgang closed 1 week ago
1
Creating or updating a component should trigger a policy evaluation but does not

#4373 fupgang closed 1 week ago
0
When using API for bom upload, autoCreate ignores Team of parent

#4372 andyrozman opened 1 week ago
0
Cannot add user to team , because no team with that name exists

#4371 Juastin opened 1 week ago
3
Portfolio access control not respected in API requests?

#4370 thomashucke opened 1 week ago
0
Fix NullPointerException when fetching findings

#4369 nscuro closed 1 week ago
1
Applied CPE cannot be removed

#4368 eugenhoffmann opened 1 week ago
0
Policy Violations indicators are showing"0" instead of real number of Violations

#4366 RobSHK opened 1 week ago
0
Bump debian from `fffe160` to `32f6d6f` in /src/main/docker

#4365 dependabot[bot] closed 1 week ago
1
Bump github/codeql-action from 3.27.0 to 3.27.1

#4364 dependabot[bot] closed 1 week ago
1
BOM import not refreshing with CycloneDX 1.6

#4363 DerArkeN opened 2 weeks ago
0
Dependency graph crash browser

#4362 mehrdad2000 opened 2 weeks ago
0
Basic Support for Classifiers (Type) Added in CycloneDX 1.5 & 1.6

#4361 msymons opened 2 weeks ago
1
Inconsistent behavior with project properties in notifications

#4360 lme-atolcd opened 2 weeks ago
0
Optimized synchronizeVulnerability

#4359 LaVibeX closed 1 week ago
1
Bump org.eclipse.jetty.ee10:jetty-ee10-maven-plugin from 12.0.14 to 12.0.15

#4358 dependabot[bot] closed 2 weeks ago
1
Inactive projects vulnerabilities information

#4356 itmanju opened 2 weeks ago
0
Bump software.amazon.jdbc:aws-advanced-jdbc-wrapper from 2.5.1 to 2.5.2

#4353 dependabot[bot] closed 2 weeks ago
1
Put `/v1/bom` overwrite fields like `classifier` in an existing Project

#4352 ybelMekk opened 2 weeks ago
6
Uncaught internal server error when retrieving projects' findings

#4351 antoinbo closed 1 week ago
1