flemminglau

Results 11 issues of flemminglau

In a merge operation, in case the output file already exists and is thereby overwritten, the previous content is not first truncated. The result is that in case the new...

When an SBOM describes an application (A) which is built on top of a complex component (B) for which a separate SBOM is available, there is a need to ensure...

The defect may already be reported! Please search for the defect before creating one.

### Current Behavior:
The Audit process for Vulnerabilities is a bit shaky:
- The "Details" cannot...

in triage

### Current Behavior
Currently when doing an SBOM Export all project components are included in the export. However DT has an attribute of components identifying them as being internal. In...

enhancement

### Current Behavior
When uploading an SBOM containing an SPDX compliant license id in the name field (like):
```
license: [ name: "GPL-3.0-or-later" ]
```
DT does not recognize and...

defect
p2
good first issue

### Current Behavior
Currently DT handles direct and indirect dependencies much the same. In case the loaded BOM has the information DT can show a hierarchy of interdependencies. However even...

enhancement

The defect may already be reported! Please search for the defect before creating one.

### Current Behavior:
The Audit process for Vulnerabilities is a bit shaky:
- The "Details" cannot...

defect
p3
good first issue

It seems like a hierarchical merge will always generate dependency data forcing the merged SBOMs to become nodes in the resulting SBOM dependency tree. On the level above the individual...

This is really not an issue specific to this tool but in case the tool was to implement a way of doing this it would be a great contribution to...

I am a bit unsure as it is not very well defined in the sources but it seems we are linking w. cyclonedx.core.java 7.3.2 which is from Feb 2023. I...