github DependencyTrack/dependency-track 5.0.1
on GitHub

6 hours ago

What's Changed

Enhancements 🚀

  • Backport: v4-migrator: Add TCP keepalive and optional socket timeout by @nscuro in #6348
  • Backport: v4-migrator: Fail fast when detecting bootstrap being pointed at v4 database by @nscuro in #6361
  • Backport: Allow out-of-order execution of Flyway migrations by @nscuro in #6366

Bug Fixes 🐛

  • Backport: Make REPOSITORY.AUTHENTICATIONREQUIRED non-nullable by @nscuro in #6349
  • Backport: Apply stricter PURL normalization for NPM package metadata resolution by @nscuro in #6350
  • Backport: Bypass outbox for notification rule tests by @nscuro in #6351
  • Backport: Fix NO_PROXY being rejected as legacy Alpine property by @nscuro in #6352
  • Backport: Reject parent objects with null UUID when creating/updating/patching projects by @nscuro in #6354
  • Backport: v4-migrator: only run post-load actions when load phase completes successfully by @nscuro in #6353
  • Backport: Fix NPE during LDAP auth when bind credentials are not configured by @nscuro in #6356
  • Backport: Fix suppressed vulns being considered for policy evaluation by @nscuro in #6357
  • Backport: Fix incomplete field coverage of /v1/finding/project/{uuid}'s searchText filter by @nscuro in #6358
  • Backport: Fix OIDC UserInfo endpoint not being invoked when team sync is enabled and ID token contains no teams claim by @nscuro in #6359
  • Backport: Fix URL-encoding of OSV ecosystem names by @nscuro in #6360
  • Backport: Support non-UTC timezones for metrics operations by @nscuro in #6363
  • Backport: Fix email notification publisher not populating the "From" header by @nscuro in #6362
  • Backport: v4-migrator: Fix confusing debug log for missing tgt_permission table by @nscuro in #6364
  • Backport: Fix URL-encoding of OSV ecosystem names when retrieving incremental advisories by @nscuro in #6375
  • Backport: Handle PAC-inaccessible target projects more gracefully for BOM uploads with autoCreate=true by @nscuro in #6377
  • Backport: Fix broken HTTP proxy basic auth by @nscuro in #6381
  • Backport: Fix team of API key not being auto-assigned project access after project creation by @nscuro in #6389

Full Changelog: 5.0.0...5.0.1

Check out latest releases or
releases around DependencyTrack/dependency-track 5.0.1

Don't miss a new dependency-track release

NewReleases is sending notifications on new releases.

Get notifications