Comments (1)
Should also update https://github.com/DependencyTrack/dependency-track/blob/master/src/main/resources/services.bom.json
And ensure the merging of the BOM generated during the build, and the services BOM linked above still works. For reference, this command is executed in CI to achieve this:
The merge is performed using the CycloneDX CLI:
Lines 516 to 540 in 757a966
It may be necessary to update the CLI in order to support CDX v1.5. In that case, this step in CI must be changed accordingly:
dependency-track/.github/workflows/_meta-build.yaml
Lines 36 to 42 in 757a966
from dependency-track.
Related Issues (20)
- Reset admin password documentation
- Issue connecting a AWS RDS Postgres instance to Dependency Track Api Server HOT 7
- Please exclude -alpha, -beta, -rc, -preview, -SNAPSHOT from possibly latest versions of a component
- VulnDB vulnerabilities are not assigning CVEs as Aliases HOT 1
- View Only Access to All Projects
- False positive with jetty
- DependencyTrack treats newer version as vulnerable while it is not
- Support Import of CycloneDX 1.6 BOMs HOT 1
- Add an API endpoint that returns the UUID of the last uploaded BoM for a project HOT 3
- VulnDB Vulnerabilities Always Shown as Unassigned Severity HOT 3
- Allow ask for values changed after a timestamp, especially in `/project` API
- Enhance badge API to require authorization HOT 1
- Classifier doesn't change when BOM of existing Project is reuploaded
- Inactive parent when its actual active HOT 1
- Problem with support BOM from trivy 0.50.0 (also 0.50.1) HOT 3
- OpenAPI GET /v1/component/project/{uuid} return value incorrect HOT 4
- Add support for Amazon ALAS datasources for Amazon Linux 1, 2 & 2023 HOT 3
- Enhance metrics to include audited/unaudited violations by classification HOT 2
- A field with a length greater than 255 is causing an error during BOM processing. HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dependency-track.