Anson Allard

@odoucet Are there any plans to merge this PR? I was looking into using dumb-init for a project, but cannot do so until this fix is added to a release.

+1 on getting this merged in.

@harsh62 Unfortunately, I'm no longer working on that project, so I'm unable to access the source code to test. As of December 2021, this was still an active and unresolved...

Hello all - a question based on the 4.9.0 release. I have an npm component: [type-fest 0.20.2](https://www.npmjs.com/package/type-fest/v/0.20.2) that has a SPDX license expression on the public registry. I was expecting...

Additionally, after reading and following the [policy recommendation](https://docs.dependencytrack.org/usage/policy-compliance/#license-violation), I wrote a test policy to disallow all licenses outside of a certain license group - in this case, the permissive license...

The BOM upload was fresh after upgrading to 4.9.0. It looks like my BOM is incorrect, as this is the component that was pushed to dependency track (CycloneDX 1.4): ```json...

I used [cdxgen](https://github.com/CycloneDX/cdxgen).

After reviewing the CycloneDX 1.4 spec, it seems this tool does not generate the correct SBOM output given a SPDX expression, as defined [here](https://cyclonedx.org/docs/1.4/json/#components_items_licenses_items_expression).

After uploading a BOM file with the correct "expression" key/value pair in the license list, I was able to verify that dependency track correctly handles the SPDX expression. I'll raise...

You can add headers to your openapi spec (in the parameters section of the remote endpoint), and in doing so, this library will allow you to pass headers to api...