Mark Symons
Mark Symons
With this addition to license mappings in PR #195 https://github.com/CycloneDX/cyclonedx-core-java/blob/b664a13f3e7c41a7e086ec508d804c2bd4207140/src/main/resources/license-mapping.json#L67 The consequence is that the component [antlr4](https://github.com/antlr/antlr4) now maps to `BSD-4-Clause` when the intention of the antlr project is the...
I would like to see an improved release process... * [Releases](https://github.com/CycloneDX/cyclonedx-core-java/releases) populated with release notes. This will help repo watchers who configure customise events for "Releases" only. * [CHANGELOG.md](https://github.com/CycloneDX/cyclonedx-core-java/blob/master/CHANGELOG.md) updated...
### Current Behavior: Dependency-Track v3.7.1 allows tags to be added to (or removed from) projects by users who have PORTFOLIO_MANAGEMENT permission. This permission includes the ability to *create* new tags....
### Current Behavior Dependency-Track does not support Lifecycle phases, support for which was introduced in CycloneDX 1.5 # Lifecycle Phases The Software Development Life Cycle (SDLC) is a process that...
### Current Behavior BOM Validation against the CycloneDX schema was a feature introduced in v4.11.0 and can be enabled or disabled by an administrator. It is "all or nothing". Either...
### Current Behavior CycloneDX 1.5 adds support for a new date field to record when (if) a vulnerability has been Rejected. See [specification issue 168](https://github.com/CycloneDX/specification/issues/168). ie, if field is not...
### Current Behavior: Dependency-Track v3.6.0 introduced the active bit/flag (#399), whereby projects can be configured as inactive and then are hidden from display by default, with projects screen displaying a...
### Current Behavior: After setting up Slack notifications on DT 4.3.1 I have seen 269 occurrences of HTTP 429 ERROR in the space of 24 hours. I cannot say that...
### Current Behavior: When Slack notifications exceed the allowed Rate Limit, the following is logged: ``` 10:51:55.724 ERROR [SlackPublisher] An error was encountered publishing notification to Slack 10:51:55.725 ERROR [SlackPublisher]...
Update swagger-compat-spec-parser to use json-schema-validator v2.2.8 to address CVSS 3.0 level 5.4 security threat which originates from libphonenumber dependency. Note that json-schema-validator has had a change of groudId from com.github.fge...