For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.
If additional details are required, consult the closed issues for this release milestone.
# SHA1
953074d95757bea162931b7811885945bbe992aa dependency-track-apiserver.jar
53f3198f5422e1117f53859c5f42403f48a4a4e3 dependency-track-bundled.jar
# SHA256
3ff379380d35b9ff924014b680e7f3718c119f59b2cc4ee6ece4345a3ca1c110 dependency-track-apiserver.jar
fca1c0c69d543f4be3501f04d3293beef5b5db9fbad24d55cfc70ea2cc8e2b4f dependency-track-bundled.jar
# SHA512
4e6119cfc05ed8767cdf1302b31c47814a025d854fa5f793a6b1bb0341732762a40cc5f3b93f59e7432e75d3cf7f2aa44320df129b85cea9e1de8fb81a053fc5 dependency-track-apiserver.jar
a047cd00ebdc59074c096c7ab6b095e0367e563f07c6565ab33413d6b9c5dbcb42a89cc71136dbe04b9ef48697f00673a15c0e18313dcde6c9c04a069c901b33 dependency-track-bundled.jar
What's Changed
Enhancements 🚀
- Backport: Improve performance of vuln data source mirroring by @nscuro in #6040
- Backport: Handle epoch PURL qualifier for version comparison by @nscuro in #6083
- Backport: Add project filters to component identity search by @nscuro in #6087
Bug Fixes 🐛
Dependency Updates 🤖
- build(deps): bump io.github.jeremylong:open-vulnerability-clients from 9.0.3 to 9.0.4 by @dependabot[bot] in #6021
- build(deps-dev): bump io.github.ascopes:protobuf-maven-plugin from 5.1.0 to 5.1.2 by @dependabot[bot] in #6015
- build(deps): bump debian from
99fc6d2toe51bfcdin /src/main/docker by @dependabot[bot] in #6014 - build(deps-dev): bump io.github.ascopes:protobuf-maven-plugin from 5.1.2 to 5.1.3 by @dependabot[bot] in #6037
- build(deps): bump alpine from
2510918to5b10f43in /src/main/docker by @dependabot[bot] in #6030 - build(deps): bump eclipse-temurin from
305fb0ctod36843ain /src/main/docker by @dependabot[bot] in #6029 - build(deps): bump org.metaeffekt.core:ae-security from 0.153.2 to 0.153.3 by @dependabot[bot] in #6047
- build(deps-dev): bump io.swagger.parser.v3:swagger-parser from 2.1.39 to 2.1.40 by @dependabot[bot] in #6046
- Backport: Bump maven-artifact to 3.9.15 by @nscuro in #6048
- build(deps): bump org.apache.httpcomponents.client5:httpclient5 from 5.6 to 5.6.1 by @dependabot[bot] in #6060
- build(deps): bump io.github.jeremylong:open-vulnerability-clients from 9.0.4 to 9.0.5 by @dependabot[bot] in #6066
- build(deps): bump debian from
e51bfcdto8f0c555in /src/main/docker by @dependabot[bot] in #6052 - build(deps): bump com.google.cloud.sql:cloud-sql-connector-jdbc-sqlserver from 1.28.2 to 1.28.3 by @dependabot[bot] in #6071
- build(deps-dev): bump org.testcontainers:testcontainers from 2.0.4 to 2.0.5 by @dependabot[bot] in #6076
- build(deps): bump com.google.cloud.sql:postgres-socket-factory from 1.28.2 to 1.28.3 by @dependabot[bot] in #6073
- build(deps): bump com.google.cloud.sql:mysql-socket-factory-connector-j-8 from 1.28.2 to 1.28.3 by @dependabot[bot] in #6072
- build(deps): bump org.metaeffekt.core:ae-security from 0.153.3 to 0.154.0 by @dependabot[bot] in #6080
- build(deps): bump org.apache.maven:maven-artifact from 3.9.14 to 3.9.15 by @dependabot[bot] in #6045
- build(deps): bump org.postgresql:postgresql from 42.7.10 to 42.7.11 by @dependabot[bot] in #6101
- build(deps-dev): bump io.swagger.parser.v3:swagger-parser from 2.1.40 to 2.1.41 by @dependabot[bot] in #6100
- Backport: Bump versatile to 0.18.1 by @nscuro in #6116
- Backport: Bump bundled frontend to 4.14.2 by @nscuro in #6122
Other Changes
- Backport: Ignore flaky VulnerableSoftwareIndexerTest by @nscuro in #6039
- Backport: Fix borked docs navigation by @nscuro in #6118
- Add changelog for 4.14.2 by @nscuro in #6120
Full Changelog: 4.14.1...4.14.2