Dependency-Track Should Perform Update Check #3638
Assignees
Labels
enhancement
New feature or request
p2
Non-critical bugs, and features that help organizations to identify and reduce risk
size/M
Medium effort
Milestone
Comments
|
Assigning this to myself, since this requires some organizational stuff to be sorted out. Mainly, we need a publicly accessible endpoint, hosted on the OWASP foundation's cloud infra. |
nscuro
added
p2
|
Can't you just query https://docs.github.com/de/rest/releases/releases?apiVersion=2022-11-28 ? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Current Behavior
Unlike many CI/CD servers (eg Jenkins, SonarQube, Nexus Reposiitory Manager), Dependency-Track does not inform the administrator when a new version of DT is available.
Proposed Behavior
Dependency-Track should perform a regular check for latest version and clearly inform the administrator when an update is available.
If implemented in 4.12 and running 4.12, the MVP would be to inform that 4.12.1 or 4.13 is available. Ideally, the notification might separately also state that 5.0.0 is available... eg, inform of "minor/patch version update available" AND "major version update available"
The notification should also include a link (links) to release notes.
Checklist
The text was updated successfully, but these errors were encountered: