Niklas

Can you share the error messages you're getting for the upload requests? The response body will list the things it found to be wrong. Our tests of the export functionality...

That does help, it all seems to be license related. Thanks for providing the sample!

Yeah I think we need to populate the `license.name` field rather than `license.id` for custom licenses. Since the CycloneDX schema strictly requires valid SPDX license IDs in the `license.id` field....

I knew people were abusing PURLs, but exceeding even 786 characters is new to me :laughing: --- Note, we might need some custom pre-flight checks *after* schema validation, but *before*...

@marob We are limited by databases offering different degrees of support for this: https://github.com/DependencyTrack/dependency-track/issues/2076#issuecomment-2002606197 The limitation can be lifted in Dependency-Track v5, where we will focus entirely on PostgreSQL. I'd...

This is already documented in [`services.bom.json`](https://github.com/DependencyTrack/dependency-track/blob/master/src/main/resources/services.bom.json), which [gets merged](https://github.com/DependencyTrack/dependency-track/blob/c98fc03b8a67e8b61371f103369f7e3ce22fbca6/pom.xml#L679-L704) with DT's SBOM during release, so it's also included here: https://github.com/DependencyTrack/dependency-track/releases/download/4.12.0/bom.json

@dmtkfs Yeah that would be great!

Blocked until https://github.com/quarkiverse/quarkus-mailpit releases a version >1.6.4

Thanks for raising this, I wasn't aware of this distinction. And it seems very odd to have such a separation. I subscribed to the discussion you opened, let's see what...

Just want to say thanks so much for reporting all these accessibility issues @maur1! We really appreciate folks with expertise looking at this.