Commit graph

152 commits

Author SHA1 Message Date
nscuro
056a9b7823
Remove system requirements check; Lower resource requirements
Due to various optimisations in recent releases, the previous system requirements are no longer accurate. As a result, the system requirements check that prevents startup if less than 4GB heap is available is no longer practical either.

Resource requirements largely depend on portfolio size and concurrent users.

Signed-off-by: nscuro <nscuro@protonmail.com>
2025-06-16 17:47:40 +02:00
jakub-bochenski
30493358b0
docs: Additional info on connecting Entra
Signed-off-by: jakub-bochenski <kuba.bochenski@gmail.com>
2025-06-10 17:10:03 +02:00
vdieieva
c5d9018f68
Add AWS Cognito configuration example
Signed-off-by: vdieieva <106320338+vdieieva@users.noreply.github.com>
2025-06-06 18:05:03 +03:00
Dhavian Fernando Hernández
eda6d41920
docs: Update Azure AD configuration to Entra ID
Signed-off-by: Dhavian Fernando Hernández <104927849+dhfherna@users.noreply.github.com>
2025-03-25 15:29:14 +00:00
nscuro
7d59c3f930
Implement basic telemetry collection
Signed-off-by: nscuro <nscuro@protonmail.com>

# Conflicts:
#	dev/docker-compose.yml
2025-02-23 16:03:35 +01:00
Dani Hengeveld
2fe140159a
Update Deploying Docker guide to Compose v2
- Added `ALPINE_OIDC_CLIENT_ID` environment variable to example.
- Removed `docker-compose.yml` version top-level element (obsolete).

Signed-off-by: Dani Hengeveld <dani10hengeveld@gmail.com>
2024-10-18 11:54:42 +02:00
rh0dy
805df0f4bd
Add red asterisks
Signed-off-by: rh0dy <rh0dy@protonmail.com>
2024-07-04 20:30:16 +01:00
rh0dy
175876e363
Add OIDC documentation for OneLogin
Signed-off-by: rh0dy <rh0dy@protonmail.com>
2024-07-04 20:30:16 +01:00
Martijn van der Meij
f4a84a3b8f
docs: add docs for base_path
Signed-off-by: Martijn van der Meij <martijn.vandermeij@vattenfall.com>
2024-07-01 09:42:32 +02:00
nscuro
339b1e3429
Update database support docs
* Raise supported versions for PostgreSQL and SQL Server to non-EOL versions
* Add notice about deprecation of RDBMSes other than PostgreSQL in DT v5

Signed-off-by: nscuro <nscuro@protonmail.com>
2024-05-15 21:48:06 +02:00
nscuro
7d28a1ae1d
Add support for worker pool drain timeout
This surfaces the functionality introduced in https://github.com/stevespringett/Alpine/pull/508 to Dependency-Track. It was previously only integrated into Hyades.

Signed-off-by: nscuro <nscuro@protonmail.com>
2024-04-29 19:45:47 +02:00
nscuro
15d8e6b7d8
Fix license header; Add metrics documentation
Signed-off-by: nscuro <nscuro@protonmail.com>
2024-04-16 21:52:16 +02:00
nscuro
0c7a548f51
Advertise official Helm chart in docs
Signed-off-by: nscuro <nscuro@protonmail.com>
2024-04-07 19:37:44 +02:00
nscuro
2955c4a383
Clarify OpenID Connect group mapping to teams
This hosts a couple of details which aren't immediately obvious out of
the Keycloak walkthrough (which I had skimmed since we don't use that
IdP) and clarifies that groups must match identically including case.

Supersedes and closes #3269

Co-authored-by: Chris Adams <cadams@loc.gov>
Signed-off-by: nscuro <nscuro@protonmail.com>
2024-03-10 19:00:24 +01:00
nscuro
f3529f44cd
Bump Alpine to 2.2.5-SNAPSHOT
Introduces:

* Ability to assign default groups to OIDC users (https://github.com/stevespringett/Alpine/pull/535)
* Tracking of `created` and `lastUsed` timestamps for API keys (https://github.com/stevespringett/Alpine/pull/537)
* Addition of `comment` field to API keys (https://github.com/stevespringett/Alpine/pull/537)

Closes #1068
Fixes #1556
Closes #3349

Signed-off-by: nscuro <nscuro@protonmail.com>
2024-01-28 21:57:14 +01:00
Niklas
d3e5aaa03a
Merge pull request #3411 from mikkeschiren/master
Fix image link on openidconnect-configuration.md
2024-01-27 18:37:53 +01:00
Adam Setch
b53a324a2b
docs(azure-ad): use groups assigned to the application for large enterprises to avoid SSO issues
Signed-off-by: Adam Setch <adam.setch@outlook.com>
2024-01-27 07:27:53 -05:00
Mikael Schirén
83795f126f
Fix image link on openidconnect-configuration.md
Signed-off-by: Mikael Schirén <mikke.schiren@digitalistgroup.com>
2024-01-25 20:41:51 +01:00
nscuro
12295b4c3e
Add changelog for v4.10
Signed-off-by: nscuro <nscuro@protonmail.com>
2023-12-05 23:57:03 +01:00
Chris Adams
132c49662a
Docs: add note that the bundled Docker container doesn’t support OIDC
https://github.com/DependencyTrack/dependency-track/issues/2962#issuecomment-1681076488
Signed-off-by: Chris Adams <cadams@loc.gov>
2023-11-09 10:32:41 -05:00
Chris Adams
4206809d47
Docs: explain OIDC failure mode for unreachable servers
This makes some of the context from https://github.com/DependencyTrack/dependency-track/issues/1795 more discoverable.

Signed-off-by: Chris Adams <cadams@loc.gov>
2023-11-09 10:32:25 -05:00
nscuro
54175762bf
Recommend READ_COMMITTED_SNAPSHOT isolation for MSSQL
In response to #3133

Signed-off-by: nscuro <nscuro@protonmail.com>
2023-10-28 18:36:36 +02:00
nscuro
3ade7d4ac8
Add alpine.api.key.prefix to documentation
Signed-off-by: nscuro <nscuro@protonmail.com>
2023-09-23 13:10:06 +02:00
nscuro
fc5d5d411d
Remove misleading configuration options
Removes `alpine.enforce.authentication` and `alpine.enforce.authorization` from `application.properties` and documentation. Setting those values to `false` is not supported.

Fixes #3043

Signed-off-by: nscuro <nscuro@protonmail.com>
2023-09-23 13:10:06 +02:00
nscuro
84c8031646
Add logging documentation
Closes #2517

Signed-off-by: nscuro <nscuro@protonmail.com>
2023-08-04 14:54:55 +02:00
Niklas
561ef18d44
Merge pull request #2651 from trufflesecurity/cloud-sql-connectors
Include Cloud SQL database connectors
2023-07-08 21:57:08 +02:00
nscuro
b74a2d31d6
Bump Alpine to 2.2.3-SNAPSHOT
Includes https://github.com/stevespringett/Alpine/pull/494 among other changes so far.

Also added documentation for `alpine.datanucleus.cache.level2.type`.

Signed-off-by: nscuro <nscuro@protonmail.com>
2023-06-12 20:20:39 +02:00
nscuro
849bf688e2
Add missing config docs for alpine.oidc.client.id
Signed-off-by: nscuro <nscuro@protonmail.com>
2023-05-14 18:40:15 +02:00
Dustin Decker
d8e3af4df9
Include Cloud SQL database connectors
Signed-off-by: Dustin Decker <dustin@trufflesec.com>
2023-04-07 10:15:42 -07:00
nscuro
e867283382
Add health check documentation
Signed-off-by: nscuro <nscuro@protonmail.com>
2023-04-01 16:21:19 +02:00
Sergio Santiago
cf7c43a046
Fix Monitoring README
Signed-off-by: Sergio Santiago <sergio.a.santiago@gmail.com>
2023-01-31 17:34:21 +01:00
Niklas
1892756d56
Add changelog for 4.7.0 (#2276)
* Add draft changelog for 4.7.0

Signed-off-by: nscuro <nscuro@protonmail.com>

* Add documentation for database connection pooling

Signed-off-by: nscuro <nscuro@protonmail.com>

* Add note on issue templates to `RELEASING.md`

Signed-off-by: nscuro <nscuro@protonmail.com>

* Add documentation for configurable secret key path

Signed-off-by: nscuro <nscuro@protonmail.com>

* Add documentation for exposed database metrics

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update changelog with new additions

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update changelog with new additions

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update changelog with new additions

Signed-off-by: nscuro <nscuro@protonmail.com>

* Bump documentation version to 4.7

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update `RELEASING.md`

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update changelog

Signed-off-by: nscuro <nscuro@protonmail.com>

* Add secret key conversion instructions

Signed-off-by: nscuro <nscuro@protonmail.com>

* Add contributors

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update release date

Signed-off-by: nscuro <nscuro@protonmail.com>

* Add Jira integration to highlights

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update hashes for frontend release artifact

Signed-off-by: nscuro <nscuro@protonmail.com>

Signed-off-by: nscuro <nscuro@protonmail.com>
2022-12-16 18:40:11 +01:00
Alioune SY
95051c8e86
doc: Adding forgotten IndexTask
Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>
2022-12-15 11:02:46 +01:00
Niklas
5838bc8adb
Various improvements for Snyk analyzer (#2246)
* Add parsing logic for Snyk API errors

Also move tests for SnykParser into their own class instead of keeping them in SnykAnalysisTaskTest.

Signed-off-by: nscuro <nscuro@protonmail.com>

* Use the actually useful error fields in Snyk responses

Signed-off-by: nscuro <nscuro@protonmail.com>

* Improve Snyk analyzer; Add tests; Fix various bugs

Signed-off-by: nscuro <nscuro@protonmail.com>

* Reword Snyk rate limiting config keys

Signed-off-by: nscuro <nscuro@protonmail.com>

* Fix SnykParserTest

Signed-off-by: nscuro <nscuro@protonmail.com>

* Use retries instead of client-side rate limiting when rate limited by the Snyk API

Addresses #2248

Signed-off-by: nscuro <nscuro@protonmail.com>

* Disable implicit retry behavior on all exceptions

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update Snyk config keys documentation

Signed-off-by: nscuro <nscuro@protonmail.com>

* Report sunset API version only once per analysis

Also send a notification instead of just logging it

Signed-off-by: nscuro <nscuro@protonmail.com>

* Add ability to use multiple Snyk tokens in round-robin

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update Snyk docs

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update default Snyk API version to 2022-11-14

Signed-off-by: nscuro <nscuro@protonmail.com>

* Fix visibility of index field

Signed-off-by: nscuro <nscuro@protonmail.com>

* Update Snyk configuration screenshot

Signed-off-by: nscuro <nscuro@protonmail.com>

Signed-off-by: nscuro <nscuro@protonmail.com>
2022-12-09 10:09:15 +01:00
Niklas
2ac663c7d0
Merge pull request #2238 from nscuro/bump-alpine
Bump alpine to 2.2.0-SNAPSHOT
2022-12-05 15:16:31 +01:00
nscuro
6496934f5f
Bump alpine to 2.2.0-SNAPSHOT
Signed-off-by: nscuro <nscuro@protonmail.com>
2022-12-05 13:28:36 +01:00
Nathan Mittelette
3a59a54576
Issue 2197: Allow to bypass starting requirements
Signed-off-by: Nathan Mittelette <mittelette.nathan@gmail.com>
2022-12-03 11:07:58 +01:00
syalioune
836da60abf
Implement caching for repository metadata analysis (#2129)
* Feature: Implementing caching for Repository metadata analyzer

Leverage the COMPONENTANALYSISCACHE table already used by vulnerability analyzers (See #1943)

Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>

* Feature: Implementing caching for Repository metadata analyzer

Implementing a configurable solution to cache stampede problem. Component analysis cache takes into account TTL (See #1943)

Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>

* Feature: Implementing caching for Repository metadata analyzer

Take into account some sonatype remarks.

Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>

* Feature: Implementing caching for Repository metadata analyzer

Take into account @nscuro review comments.

Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>

* Feature: Implementing caching for Repository metadata analyzer

Adding reasonable stampede bucket count interval in the documentation

Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>

* Feature: Implementing caching for Repository metadata analyzer

Fixing bad merge issue

Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>

Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>
2022-11-29 16:17:14 +01:00
Omer Levi Hevroni
da845e0b33
feat: added google oidc
Signed-off-by: Omer Levi Hevroni <omer@goledge.com>
2022-11-24 09:41:38 +02:00
Alioune SY
200f432a10
Feature: Improving OSS Index Analyzer batching mechanism and overall resilience
Taking into account preliminary review comments: Adding resilience4j retry metrics, renaming the properties and making the retryer object static

Signed-off-by: Alioune SY <sy_alioune@yahoo.fr>
2022-11-01 11:24:23 +01:00
mehab
74f8f5f9c2
Modified readme files
Signed-off-by: mehab <meha.bhargava2@gmail.com>
2022-10-26 17:01:40 +01:00
nscuro
9eb518b61d
Include SnykAnalysisTask thread pool in Prometheus metrics
Also, give it a name and provide the same `uncaughtExceptionHandler` that is used by Alpine's event services.

Signed-off-by: nscuro <nscuro@protonmail.com>
2022-10-21 15:28:53 +02:00
Valentijn Scholten
b798f1dcfe
typos
Signed-off-by: Valentijn Scholten <valentijnscholten@gmail.com>
2022-10-12 19:15:04 +02:00
Valentijn Scholten
2630d94250
Add optional EXTRA_JAVA_OPTIONS environment variable
Signed-off-by: Valentijn Scholten <valentijnscholten@gmail.com>
2022-10-12 18:48:46 +02:00
nscuro
c12c04d266
Update 4.6.0 changelogs; Add H2 v2 migration guide
Signed-off-by: nscuro <nscuro@protonmail.com>
2022-09-18 17:08:15 +02:00
nscuro
e27ee26201
s/backend/API server/
Signed-off-by: nscuro <nscuro@protonmail.com>
2022-09-16 15:37:54 +02:00
nscuro
3cca5faf04
Clarify Java 17 requirement; Add missing metrics properties to Docker Compose examples
Signed-off-by: nscuro <nscuro@protonmail.com>
2022-09-16 15:31:46 +02:00
nscuro
687acb3ee0
Change example database configs back to properties
So it's consistent with the rest of the documentation for now. May want to change everything to environment variables later though...

Signed-off-by: nscuro <nscuro@protonmail.com>
2022-09-16 15:31:46 +02:00
nscuro
55ccde5e2c
Update order of getting started pages
Signed-off-by: nscuro <nscuro@protonmail.com>
2022-09-16 15:31:46 +02:00
nscuro
fe33559307
Include EpssMirrorTask in recurring tasks documentation
Signed-off-by: nscuro <nscuro@protonmail.com>
2022-09-16 15:31:46 +02:00