Niklas
Niklas
That would be fantastic!
@francislance Actually the previous logic was correct. Violations are supposed to occur when their respective conditions match.
Here's a related Slack discussion: https://owasp.slack.com/archives/C6R3R32H4/p1754692145518059 I am not confident removing this logic for all ecosystems will yield the desired result, as in some cases adding the `v` will cause...
This can happen if an analyzer reported a vulnerability once, but later stopped doing so, e.g. because they fixed a false positive on their end. The "older" of your projects...
The API server is allowed to claim up to 90% of available memory for the JVM's heap per default: https://github.com/DependencyTrack/dependency-track/blob/b4edb30fcee9c75019391bb305bdd0534e087ea5/src/main/docker/Dockerfile#L19 Until heap usage approaches the maximum allowed size, there's little...
What version of DT are you using? Support for component properties was added in v4.11.
Hey @Shortfinga, thanks for throwing your hat into the ring! Work has not officially started yet, primarily because we were hoping for a bit more community feedback and involvement. So...
FYI, I added a link to the [recording of our September community meeting](https://www.youtube.com/watch?v=hzelt7jv6dE&t=1188s), where we discussed this topic, to the issue description. Perhaps this is helpful for people curious what...
Trivy is facing issues due to rate limiting of services hosting their databases: https://github.com/aquasecurity/trivy/discussions/8009 This is certainly relevant to us as well, since we're aiming to follow a similar model...
*Edit: Moved to https://github.com/DependencyTrack/dependency-track/issues/4524*