dependency-track icon indicating copy to clipboard operation
dependency-track copied to clipboard

Published 20 hours ago verified publisher icon DependencyTrack

Metadata

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Results 588 dependency-track issues
Sort by recently updated
recently updated
newest added

Surpressing vulnerability does not surpress corresponding policy violation

### Current Behavior: When surpressing a vulnerability, a corresponding policy violation is not surpressed and needs to be surpressed manually too. ### Steps to Reproduce: 1. Create a policy targeting...

rkg-mm avatar rkg-mm

in triage

Consider supporting generic vulnerability scanners

16 comment

We currently support multiple sources of vulnerability intelligence, among them the NVD, OSS Index, GHSA and VulnDB. In some cases, we perform the actual vulnerability scanning (e.g. NVD, GHSA), in...

nscuro avatar nscuro

spike / research

Add Group ID or comments to groups in OIDC Groups

1 comment

The enhancement may already be reported! Please search for the enhancement before creating one. ### Current Behavior: You have to use object-ID's to specify which groups you want, for example...

YurrytVermeire avatar YurrytVermeire

enhancement

Component update is broken

1 comment

### Current Behavior: Currently hashes for some components are stored in uppercase format and it's accepted by UI ![image](https://user-images.githubusercontent.com/38255353/131505274-e2dbd8c1-c1eb-4b23-a30b-618a119f0378.png) In case you need to update component API call is failing...

vmvarga avatar vmvarga

in triage

GitHub Advisories: Test Connection Button

2 comment

### Current Behavior: GitHub Advisory mirroring is refreshed daily, or upon restart of the Dependency-Track instance. #1542 is currently scheduled for milestone 4.6 and will allow the user to configure...

msymons avatar msymons

enhancement

BOM upload fails without feedback due to field max length

6 comment

A BOM file that contains a component with a "publisher" field with more than 255 character fails due to the constraints of the field. However, there is no feedback or...

ecaisse avatar ecaisse

defect

An unexpected error occurred performing a vulnerability analysis task

4 comment

### Current Behavior: Loading an SBOM that used to process and find several hundreds of vulnerabilities, now fails to process and creates an error of 'An unexpected error occurred performing...

kbolander avatar kbolander

defect

Parallel analysis BomUploadProcessTask

2 comment

### Current Behavior: Currently, everything works as an event. The problem is when I send X reviews (bom upload) at the same time, it starts to create events and send...

fuentecilla86 avatar fuentecilla86

enhancement
p2

Issues with componets comments in Projects

1 comment

### Current Behavior: In "Audit Vulnerabilities" tab of a project, when I set something in Comment textarea of a component, when I click on "Add Comment" the comment is erased...

amergey avatar amergey

not an issue

Remove reliance on org.json.JSON

stevespringett avatar stevespringett

technical debt

Metadata

2.4k
Stars
517
Forks
Watchers

Owner

verified publisher icon DependencyTrack

Metadata

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Back