Niklas
Note to self: Slightly related to #1682 as it involves calculation of metrics on-the-fly instead of relying on pre-calculated metrics.
The *Comment* textbox is not supposed to hold your comment after submission. Commenting is intended to be "fire and forget". Comments are not lost, as they're recorded in the audit...
More generally, this can be an architectural opportunity to decouple vulnerability detection from the API server. Even existing scanners like OSS Index could be decoupled in this way.
Thanks for the PR @Mvld3r! I agree that tag naming and searching should be streamlined. However, this will be a breaking change for folks who currently rely on case sensitivity....
Marked as enhancement b/c "handling withdrawn vulnerabilities" appears more like a feature than a defect. In any case, definitely something we should take into account.
Closing this issue as basic functionality has been shipped with 4.6. I raised some issues for further improvements and introduced the [vuln-aliases](https://github.com/DependencyTrack/dependency-track/labels/vuln-aliases) label to track them. I'll also throw some...
I think I posted this in Slack a while back already, but another good approach we can take is to [generate](https://github.com/OpenAPITools/openapi-generator) resource definitions (read: interfaces with all sorts of validation...
This is yet another area where different SSO providers have different behaviors. In Keycloak for example, there is no such thing as Group ID. So we can't make that additional...
Threw a quick POC together and migrated a few pages here: https://nscuro.github.io/dependency-track/4.6.0-SNAPSHOT/ Docs are automatically deployed using GitHub Actions: https://github.com/nscuro/dependency-track/blob/mkdocs/.github/workflows/deploy-docs.yml Using [`mike`](https://github.com/jimporter/mike), we can serve multiple versions of the documentation:...
Build failures are due to `InaccessibleObjectException`s in tests. This will be automatically resolved once https://github.com/stevespringett/Alpine/pull/410 is merged, which includes the necessary surefire arguments (https://github.com/stevespringett/Alpine/pull/410/commits/88b9762e9d170b12ac721baf2c0f6fb4dec5b5cd).