For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.
If additional details are required, consult the closed issues for this release milestone.
# SHA1
daab7ed5b760ff909e4b9cc041b89c3374c1d955 dependency-track-apiserver.jar
8ff2bd4db69e7083d501a4c489f703677044a5f0 dependency-track-bundled.jar
# SHA256
a76cc3417728bdc880f41af613e543d3e5f033d7b0b1db84ffb397bcbcb3936b dependency-track-apiserver.jar
fd1c25e2b2d727f377eeec8240370558a9796225fe4dc0f258021b1061fbc36f dependency-track-bundled.jar
# SHA512
1064d3d04da4d47f35d38f04956adbd2e24a5bc8f828c0f9a7c93705fb09f4ebcdee266a9d931aa64d94f583ef7c11ddc788dad2cf0b1682546c4fe927194b57 dependency-track-apiserver.jar
e0cc1abd661c991dd2ef3e19dd09903d609d2860c8510cc120bb399fb4751757d25cb05c1ef160e935579350a1cb060add556f3535e0b340f4bcbe848b9e0038 dependency-track-bundled.jar
What's Changed
Bug Fixes 🐛
- Backport: Handle breaking change in Trivy v0.54.0 server API by @nscuro in #4040
- Backport: Fix anchors in changelog documentation by @nscuro (original change by @JCHacking) in #4043
- Backport: Fix validation error when XML BOM declares multiple namespaces by @nscuro (original change by @philippn) in #4041
- Backport: Fix project link for new vulnerable dependency for email by @nscuro (original change by @2000rosser) in #4044
- Backport: Fix
JDOUserExceptionwhen multiple licenses match a component's license name by @nscuro in #4042 - Fix
parentfield occasionally missing in/api/v1/project/{uuid}responses by @nscuro in #4049 - Backport: Fix vex export returning invalid CycloneDX by @nscuro (original change by @SaberStrat) in #4054
Dependency Updates 🤖
- Backport: Bump Temurin base image to
21.0.4_7by @nscuro in #4056 - Bump bundled frontend to v4.11.6 by @nscuro in #4057
Other Changes
Full Changelog: 4.11.5...4.11.6