SaberStrat
SaberStrat
As of 3.5.0, the SBOM resulting from running e.g. `cyclonedx-bom --format json --output bom.json -e` does not come with a `metadata.component` object. Sure, one is able to modify the SBOM...
### Current Behavior After I updated 4.9.1 to 4.10.0 and then 4.10.1, the _Audit Vulnerabilities_ list has been showing 0 entries for all projects and project versions. Can't say which...
### Current Behavior As of Dependency-Track v4.10.1, Badges can only be activated globally for all projects and versions and the GETs do not require authorization. ### Proposed Behavior I'm proposing...
### Problem Trying to pass an argument to the query via `--arg` with a value starting with a dash, even when passed in quotes, `yq` throws an error. ```sh #...
### Describe the bug CLI excutable produced by Windows build script not up to v2 date - going by https://jfrog.com/getcli/: > **We recently renamed the JFrog CLI executable from “jfrog”...
One way to fix https://github.com/DependencyTrack/dependency-track/issues/3834 and make `vulnerabilities` elements in BOMs and VEXs unique, is to make Vulnerability objects comparable to one another on a fields basis. To get this,...
Enables comparison of two Vulnerability objects by their fields' values. Implements #463
Introduce new annotation for resources that makes the authentication filter look at the URI query for a parameter containing the API key instead of a header. This enables clients that...
Currently, alpine-server's `AuthenticationFilter` checks only for a header `X-API-Key` for an API key. However, there are use cases for clients that cannot pass a header or only with difficulty. One...
### Description Enables Dependency-Track to offer badges in a secure manner and change the `badge` API from an opt-in-able, unauthenticated one into one requiring authentication with the new permission `VIEW_BADGES`....