Stowage/dependency-track
2
0
Fork 0
mirror of https://github.com/DependencyTrack/dependency-track.git synced 2026-02-14 03:11:07 +00:00
Code Issues Projects Releases Packages Wiki Activity
770 commits 54 branches 81 tags 121 MiB
Commit graph

770 commits

This branch
This branch
All branches
Author SHA1 Message Date
Steve Springett
dd5960aca2 3.0.4 2018-05-02 12:22:24 -05:00
Steve Springett
f04fb1ce21 Spec sync 2018-05-01 14:37:23 -05:00
Steve Springett
0b39b371a3 Added support for scan or bom payloads to be (optionally) compressed archives (zip/gzip/gz). #136 2018-04-28 23:12:13 -05:00
Steve Springett
1dcce842d8 Specifying UTF-8 for SPDX and CycloneDX documents. 2018-04-27 15:13:15 -05:00
Steve Springett
767b1a997f Completed work on #137 by accounting for fields that are not present in related dependencies. 2018-04-26 23:35:30 -05:00
Steve Springett
fda92d4762 Added importing and processing of relatedDependencies. #137 2018-04-26 22:40:57 -05:00
Steve Springett
20a7972622 Added parsing support for relatedDependencies #137 2018-04-26 22:29:01 -05:00
Steve Springett
79204dd513 Added a metric refresh on a project after a bom or scan is uploaded to a project, processed, and analyzed. Closes #141 2018-04-26 22:07:15 -05:00
Steve Springett
b48bbcf8ad Completed auditing support for components in the portfolio. These are global analysis decisions affecting all projects. #65 2018-04-25 21:03:14 -05:00
Steve Springett
cc13bc4ea2 Updating Alpine to latest snapshot 2018-04-25 20:58:33 -05:00
Steve Springett
2b534d347a Fix for #117 2018-04-24 14:05:20 -05:00
Steve Springett
7973fddbb6 Added icons to tabbar 2018-04-24 12:46:38 -05:00
Steve Springett
2d3fb16e24 Added enforcement of unique constraint (project + component) to prevent the possibility of duplicate dependencies. #134 2018-04-23 23:10:36 -05:00
Steve Springett
edd6c4fe38 Completed support for analysis and suppression of dependencies #65. Added dependency metrics seperate from component metrics, which partially resolves #117 (still need to modify graph). 2018-04-23 23:03:07 -05:00
Steve Springett
4ca0e7cd78 Removed unused toolbar #65 2018-04-20 23:56:53 -05:00
Steve Springett
8ca50f74a5 Added support for suppressing findings #65. Todo: need to add suppression criteria to vulnerability resources and metrics. 2018-04-20 23:52:57 -05:00
Steve Springett
7c10012420 Initial support for client-side auditing support. #65 todo: add suppression capability, testing. 2018-04-19 23:25:56 -05:00
Steve Springett
5d5cf53379 Excluding logging implementation from SPDX tools 2018-04-15 23:24:53 -05:00
Steve Springett
9e9ef1fac1 Updating ODC to 3.1.2 2018-04-14 23:36:36 -05:00
Steve Springett
dd7c5fbcb1 Removed SPDX dependency exclusions as they are no longer necessary. https://github.com/spdx/tools/issues/145 2018-04-14 23:09:02 -05:00
Steve Springett
9127384dc9 Updated SPDX license support to 3.1. Closes #87 2018-04-14 22:37:19 -05:00
Steve Springett
5d60d4b26d Master Branch: Fix for #135 2018-04-14 14:14:13 -05:00
Steve Springett
b8525ca9f6 3.0.3 changelog 2018-04-13 10:49:13 -05:00
Steve Springett
e98feeb159 Master branch: Added logic to check for, and eliminate, duplicate dependency relationships. #134 2018-04-12 23:47:10 -05:00
Steve Springett
08737020cc Master branch: Added proper component reconciliation on scan and bom processing - #123 2018-04-12 17:16:30 -05:00
Steve Springett
3b26b97258 Fixed issue displaying date on a newly created project that has never been measured 2018-04-12 15:38:00 -05:00
Steve Springett
f28c041074 Master Branch: Updating use of Alpine to 1.1.2 - #131 2018-04-12 13:30:10 -05:00
Steve Springett
acf3bffb63 Making license not use L2 cache when used in context with a Component object. Strange behavior in that the License would occassionally (most of the time) be returned as a soft reference but without being fully populated. Not caching the license and forcing it to be queried on appears to solve the issue. 2018-04-11 23:42:55 -05:00
Steve Springett
5ab43c391c For master branch: Added VIEW_PORTFOLIO permission to default set of automation team permissions. #129 2018-04-09 21:57:30 -05:00
Steve Springett
65b31ee8b1 For master branch: Fixed the assigning of tags on project creation. #125 2018-04-09 12:20:30 -05:00
Steve Springett
7755a4873b Fixed issue with CWE not displaying in findings. Minor cosmetic changes. #65 2018-04-08 20:49:44 -05:00
Steve Springett
3f018720c5 Added Finding meta-model and resource. Added permission specific to auditing capability. Moved defect project view into 'Dependencies' tab. Added an Overview tab (with charts) and an Audit tab complete with findings. Audit tab is incomplete - Analysis, suppressions, and comments still need to be implemented. #65 2018-04-08 14:32:10 -05:00
Steve Springett
795271518b Fixed vulnerability chart 2018-04-07 15:32:06 -05:00
Steve Springett
147b0f0037 Componentized trending charts. Moved them to chart.js as they will be used else where in the future. 2018-04-07 15:13:23 -05:00
Steve Springett
58e2164d43 Moved normalized severity calculations to util class. Left convenience method in tact. 2018-04-05 20:45:29 -05:00
Steve Springett
8a22391786 Fixed defect resulting in incorrect vulnerability count 2018-04-03 20:30:31 -05:00
Steve Springett
f23a16e80c Added ability to toggle between multiple versions of the same project. 2018-04-02 14:49:06 -05:00
Steve Springett
26826ec44a Added ability to query for projects based on name in order to retrieve a list of project versions. Existing API contract works as expected. 2018-04-02 14:48:02 -05:00
Steve Springett
b769794858 removed disclaimers 2018-03-31 20:46:51 -05:00
Steve Springett
5ed8efeae7 Removed verbage 2018-03-31 20:45:27 -05:00
Steve Springett
e63f9a95e3 Shortening - added website 2018-03-31 20:26:19 -05:00
Steve Springett
32ec80275b ignore 2018-03-31 20:21:24 -05:00
Steve Springett
f15230aaf1
Update README.md 2018-03-30 20:51:09 -05:00
Steve Springett
71bf182e6b
Update README.md 2018-03-30 20:50:05 -05:00
Steve Springett
2605b7461c grammar 2018-03-30 16:43:21 -05:00
Steve Springett
f73f6a2a9d 3.0.2 release notes 2018-03-30 15:56:25 -05:00
Steve Springett
1ecfcbc4a8 Initial commit of sortable tables. Added indexes for specific sortable fields that didn't previously have index. #91 2018-03-29 23:15:14 -05:00
Steve Springett
fc666355ce Updating NVD URLs as reported in https://github.com/jeremylong/DependencyCheck/issues/1171 2018-03-29 21:45:43 -05:00
Steve Springett
8f10a1a3e8 v3.0.1 release notes 2018-03-29 17:48:46 -05:00
Steve Springett
1ef5e50650 Fix for #116. Only LDAPUsers were being counted as team members. Added the sum of both LDAP and Managed users to the total count. 
(cherry picked from commit 9bc916a)
 2018-03-29 11:55:03 -05:00