issues
search
DependencyTrack
/
dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
https://dependencytrack.org/
Apache License 2.0
2.44k
stars
530
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
DT resets some (but not all) of my updated components
#3923
malice00
opened
36 minutes ago
0
Database could avoid re-writing/updating vulnerability if value is not different
#3922
LaVibeX
opened
2 hours ago
0
Add OIDC Documentation for OneLogin
#3921
rh0dy
opened
16 hours ago
0
BOM submission should respond 403 when there's no permission to create project
#3920
merlinran
opened
21 hours ago
0
Add project info to metrics API for projects
#3918
2000rosser
opened
1 day ago
1
Bump org.eclipse.jetty.ee10:jetty-ee10-maven-plugin from 12.0.10 to 12.0.11
#3917
dependabot[bot]
closed
1 day ago
1
Bump net.javacrumbs.json-unit:json-unit-assertj from 3.3.0 to 3.4.0
#3916
dependabot[bot]
closed
1 day ago
1
Set license name instead of ID when using custom license
#3915
2000rosser
closed
1 day ago
4
Bump io.github.jeremylong:open-vulnerability-clients from 6.1.0 to 6.1.1
#3914
dependabot[bot]
closed
2 days ago
1
False positif CVE-2023-29827 linked to ejs@3.1.10
#3913
JingLeiTalan
opened
2 days ago
1
Bump debian from `0200978` to `f8bbfa0` in /src/main/docker
#3912
dependabot[bot]
closed
3 days ago
1
Bump com.mysql:mysql-connector-j from 8.0.33 to 9.0.0
#3911
dependabot[bot]
opened
3 days ago
0
Support CEL based Expression for Detecting Internal Components
#3910
VinodAnandan
opened
3 days ago
2
Attributed on date of vulnerability shows a date after suppression/comment date
#3909
Sp33dy42
opened
3 days ago
6
Allow custom claim parser during OIDC login procedure for teams resolution
#3908
otbe
opened
3 days ago
2
Return once identical CVEs within SBOM:vulnerabilities section
#3907
andreeaButerchi
opened
3 days ago
0
Invalid SWID tag when downloading BOM from DependencyTrack
#3906
savek-cc
opened
3 days ago
1
Bump github/codeql-action from 3.25.10 to 3.25.11
#3903
dependabot[bot]
closed
4 days ago
1
Bump docker/build-push-action from 6.1.0 to 6.2.0
#3902
dependabot[bot]
closed
4 days ago
1
Bump io.github.jeremylong:open-vulnerability-clients from 6.0.1 to 6.1.0
#3901
dependabot[bot]
closed
4 days ago
1
CycloneDX sbom cannot be imported because of validation issue Error 400 when advisory url contains spaces
#3900
djeanprost
closed
4 days ago
4
docs: add docs for base_path
#3899
Squixx
closed
4 days ago
0
"...project/{name}/{version}" API Fails to Retrieve Badge When Project Name Includes "/"
#3898
we684123
opened
4 days ago
3
Schema validation error when importing SBOMs that were exported by DT itself
#3897
malice00
closed
1 day ago
5
Add REST endpoint for tag deletion
#3896
nscuro
closed
4 days ago
1
BOM upload after clone of project might get stuck/fail
#3895
otbe
opened
5 days ago
0
Add REST endpoints for bulk tagging & un-tagging of projects
#3894
nscuro
closed
4 days ago
1
Enable string de-duplication JVM option per default
#3893
nscuro
closed
6 days ago
1
Added Air France-KLM as DT adopter
#3892
nekhtan
closed
1 week ago
0
Include or Exclude Projects From BOM Validation Using Tags
#3891
msymons
opened
1 week ago
0
Bump net.javacrumbs.json-unit:json-unit-assertj from 3.2.7 to 3.3.0
#3890
dependabot[bot]
closed
1 week ago
1
Fix NPE when querying component metadata for projects without findings
#3889
nscuro
closed
1 week ago
1
Relax lowercase requirement for `/api/v1/tag/{name}/project` and `/api/v1/tag/{name}/policy`
#3888
nscuro
closed
1 week ago
1
Deprecate `/api/v1/tag/{policyUuid}` in favor of `/api/v1/tag/policy/{uuid}`
#3887
nscuro
closed
1 week ago
1
Tag Management MVP: Inspecting Usage
#3886
msymons
closed
1 week ago
0
CycloneDX BOM validation fails for git style externalReferences
#3885
valentijnscholten
closed
3 days ago
8
ProjectMetric doesn't contain project field, required according to Swagger
#3884
cheonsaxelle
opened
1 week ago
1
Incorrect API response from GET /api/v1/project/{id} following a specific sequence of API calls
#3883
michal-futurice
opened
1 week ago
0
Add REST endpoints for tag retrieval
#3881
nscuro
closed
1 week ago
1
BOM_PROCESSED & BOM_CONSUMED Alerts Not Sent When BOM Processing V2 Enabled
#3880
msymons
closed
1 week ago
1
After the Vulnerability Details Affected Components were updated, the cpe was gone
#3879
x-zim
opened
1 week ago
0
Need a way to export VEX/VDRs that excludes all of the suppressed vulnerabilities
#3878
Szalacinski
opened
1 week ago
0
Fix `BOM_CONSUMED` and `BOM_PROCESSED` notifications being dispatched with wrong scope
#3877
nscuro
closed
1 week ago
1
No error when BOM upload fails due to PURL address size limit exceeding
#3876
eugenhoffmann
opened
1 week ago
1
Backport: Bump bundled frontend to 4.11.4
#3875
nscuro
closed
1 week ago
1
Bump bundled frontend to 4.11.4
#3874
nscuro
closed
1 week ago
1
Bump docker/build-push-action from 5.4.0 to 6.1.0
#3873
dependabot[bot]
closed
1 week ago
1
Bump aquasecurity/trivy-action from 0.22.0 to 0.23.0
#3872
dependabot[bot]
closed
1 week ago
1
Backport: Prevent XXE injection during CycloneDX validation and parsing
#3871
nscuro
closed
1 week ago
1
Prevent XXE injection during CycloneDX validation and parsing
#3870
nscuro
closed
1 week ago
1
Next