dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
### Current Behavior The API docs show .uuid as required for creating a group, when in reality it's the name that is required and uuid will be ignored. Name is...
### Current Behavior Aliases are not returned in the specified endpoint. There are vastly more details returned from `vulnerability/source/{source}/vuln/{id}`, which means doubling the API calls in some cases. This seems...
### Current Behavior The .parent property is documented in the JSON Schema, but it's missing from the Example. It appears that getting project by UUID returns the .parent. Using lookup...
### Current Behavior The request will fail if you send it twice ``` 409 - A project with the specified name already exists ``` ### Steps to Reproduce Send the...
### Current Behavior policyConditions contents are ignored, even though the OpenAPI spec shows that you can send them ### Steps to Reproduce ``` curl --fail-with-body --silent --show-error -H 'Authorization: Bearer...
### Current Behavior Permissions and members related properties are ignored, even though the OpenAPI spec shows that you can send them ### Steps to Reproduce I've downloaded the definition for...
### Current Behavior I can't seem to find any documentation on this. The behavior isn't obvious as seen in this comment: https://github.com/DependencyTrack/dependency-track/issues/4828#issuecomment-2823359707 >Maybe another important finding: I realized that when...
### Organization Name Person ### Organization Website _No response_ ### Organization Logo (optional) _No response_ ### How is your organization using Dependency Track? show sbom dashboard. ### Source Code Link...
### Current Behavior Sending the same PUT request twice results in `A mapping with the same team and project already exists.` ### Expected Behavior > The PUT method is idempotent,...
### Current Behavior Policies apply to projects with selected tags. There's no way to apply a policy to all projects except those with specific tags, making exclusion use cases cumbersome....