Skip to content

4.11.0
Compare
Choose a tag to compare
@dependencytrack-bot dependencytrack-bot released this 07 May 13:41
· 30 commits to master since this release
4.11.0
2859c98

Dependency Track Frontend

For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.
If additional details are required, consult the closed issues for this release milestone.

# SHA1
80cddddaf5c9c73676065d4ab6fe7b3eff3ec8de  frontend-dist.zip
# SHA256
9c51c337f4b2a7e78730c70473cd24070773a0982d1c0ee6c13f9a6f18a756d5  frontend-dist.zip
# SHA512
bb45257838683472f64ff88a48a02c39808fadd2210a63b5fa143edced1320a0a593a3e23e69cce331beebe21278dc6d291daaeb632aa88b43c38e117a4e1bbd  frontend-dist.zip

What's Changed

Enhancements πŸš€

  • Add "Show in Dependency-Graph" Button in "Affected Projects" List [improved version] by @rkg-mm in #667
  • Include component count in projects list by @mykter in #683
  • feat(violations): add current fail, warn, info metrics to footer by @setchy in #707
  • fix(common): calculate percentage to tenth decimal place by @setchy in #708
  • refactor(dashboard): use consistent color for suppressed by @setchy in #712
  • refactor(dashboard): set progress colors via scss by @setchy in #713
  • feat(dashboard): display additional portfolio statistics by @setchy in #709
  • feat(dashboard): add vuln / non-vuln footer to projects and components cards by @setchy in #714
  • feat(dashboard): auditing progress for findings and policy violations by @setchy in #715
  • refactor(project details): improve UX for active/inactive toggle. by @setchy in #721
  • feat(dashboard): policy violations by state and classification cards by @setchy in #717
  • refactor(dashboard): show portfolio vulnerabilities severity in footer by @setchy in #718
  • feat(vulnerabilities): support active/inactive affected projects by @setchy in #723
  • feat(notifications): show publisher name on expanded row by @setchy in #728
  • New Subject Prefix Input Box by @LaVibeX in #720
  • Trivy support by @fnxpt in #656
  • feat(project): add tooltip to vuln progress bar by @setchy in #738
  • feat(project): finding badges including and excluding aliases by @setchy in #736
  • feat: improve tooltip clarity for project vulnerabilities by @setchy in #733
  • feat(project): policy violation badges by @setchy in #744
  • Global Audit View: Vulnerabilities by @rbt-mm in #411
  • feat: add eslint and prettier by @setchy in #752
  • Add auto-generated changelog to GitHub releases by @nscuro in #755
  • feat: lint on master by @setchy in #759
  • add token and new notifications by @fnxpt in #665
  • Handle BOM validation errors by @nscuro in #762
  • Update API key view to include created, last used, and comment by @nscuro in #768
  • feat(component): add namespace/group to component label/breadcrumb by @setchy in #777
  • feat(component): add internal column to component search list view by @setchy in #775
  • feat(component): add internal / external classification badge by @setchy in #776
  • refactor: perform saas slash-div migration by @setchy in #796
  • feat(license): use concise endpoint for license list view by @setchy in #793
  • feat(license): add deprecated column by @setchy in #792
  • Add Comment Column To External References by @aravindparappil46 in #803
  • add support from localization based on browser and languages by @fnxpt in #805
  • Add support for component properties by @nscuro in #811
  • Enhanced ProgressBar Contrast Ration by @validide in #816
  • Update Trivy option wording and fix vulnerability source label styling by @nscuro in #821
  • Experimental by @fnxpt in #815
  • Add locale picker to header by @nscuro in #824
  • feat(component-search): add license column by @setchy in #795
  • Display EPSS Score And Percentile In Vulnerability Page by @aravindparappil46 in #832
  • Force page reload after locale change by @nscuro in #839

Bug Fixes πŸ›

  • Use VUE_APP_SERVER_URL by @mykter in #682
  • Use unique fields for project list metrics columns by @mykter in #686
  • Project cloning: cloning Policy Violations and ViolatationAnalysis by @mge-mm in #655
  • Refactor finding detail and fix finding search routes by @mykter in #689
  • fix: correctly calculate audited violations and audited findings percentages by @setchy in #704
  • refactor: handle percentage calc edge cases by @setchy in #719
  • Fix "Outdated Only" button being disabled when dependency graph is not available by @nscuro in #725
  • Fix redundant requests to /api/v1/component when loading project page by @nscuro in #726
  • Fix table column visibility preferences triggering redundant requests by @nscuro in #727
  • Do not append @<version> when rendering CPEs in Affected Components view by @nscuro in #748
  • Fix Components column erroneously being sortable by @nscuro in #767
  • Fix API key rows not being displayed by @nscuro in #770
  • Fix link to projects in Portfolio Access Control view by @lukas-braune in #774
  • Aliases column is not displaying information in Vulnerabilities section by @LaVibeX in #766
  • fix: v-for explicit key by @setchy in #797
  • Require VIEW_PORTFOLIO permission for BOM download by @nscuro in #812
  • Add missing repo views for Hackage and Nixpkgs by @nscuro in #845

Dependency Updates πŸ€–

  • build(deps): bump nginxinc/nginx-unprivileged from f084834 to 1e29add in /docker by @dependabot in #669
  • build(deps): bump aquasecurity/trivy-action from 0.15.0 to 0.16.0 by @dependabot in #668
  • build(deps): bump actions/setup-node from 4.0.0 to 4.0.1 by @dependabot in #680
  • build(deps): bump github/codeql-action from 2 to 3 by @dependabot in #672
  • build(deps): bump nginxinc/nginx-unprivileged from 1e29add to fa82525 in /docker by @dependabot in #671
  • build(deps): bump nginxinc/nginx-unprivileged from fa82525 to 4426351 in /docker by @dependabot in #685
  • build(deps): bump aquasecurity/trivy-action from 0.16.0 to 0.16.1 by @dependabot in #690
  • build(deps): bump nginxinc/nginx-unprivileged from 4426351 to afc98ea in /docker by @dependabot in #687
  • build(deps): bump follow-redirects from 1.15.2 to 1.15.4 by @dependabot in #693
  • build(deps): bump nginxinc/nginx-unprivileged from afc98ea to 6703f05 in /docker by @dependabot in #691
  • build(deps): bump actions/download-artifact from 3.0.2 to 4.1.0 by @dependabot in #679
  • build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 by @dependabot in #675
  • build(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in #697
  • build(deps): bump nginxinc/nginx-unprivileged from 6703f05 to 966331a in /docker by @dependabot in #695
  • build(deps): bump actions/download-artifact from 4.1.0 to 4.1.1 by @dependabot in #694
  • build(deps): bump nginxinc/nginx-unprivileged from 966331a to cc3ca91 in /docker by @dependabot in #698
  • build(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in #700
  • build(deps): bump actions/dependency-review-action from 3 to 4 by @dependabot in #701
  • build(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in #703
  • build(deps): bump nginxinc/nginx-unprivileged from cc3ca91 to 939d113 in /docker by @dependabot in #702
  • build(deps): bump nginxinc/nginx-unprivileged from 939d113 to 69bd3c1 in /docker by @dependabot in #716
  • build(deps): bump actions/download-artifact from 4.1.1 to 4.1.2 by @dependabot in #731
  • build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in #730
  • build(deps): bump nginxinc/nginx-unprivileged from 69bd3c1 to e0be80a in /docker by @dependabot in #729
  • build(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 by @dependabot in #732
  • build(deps): bump nginxinc/nginx-unprivileged from 1.25.3-alpine to 1.25.4-alpine in /docker by @dependabot in #740
  • build(deps): bump nginxinc/nginx-unprivileged from 643fe39 to ac1db3b in /docker by @dependabot in #742
  • build(deps): bump actions/setup-node from 4.0.1 to 4.0.2 by @dependabot in #737
  • build: add @vue/runtime-dom as devDependency by @setchy in #735
  • build(deps-dev): bump ip from 1.1.8 to 1.1.9 by @dependabot in #743
  • build(deps): bump nginxinc/nginx-unprivileged from ac1db3b to fe7d093 in /docker by @dependabot in #745
  • build(deps): bump nginxinc/nginx-unprivileged from fe7d093 to 87a01a6 in /docker by @dependabot in #749
  • build(deps): bump nginxinc/nginx-unprivileged from 87a01a6 to c50bd11 in /docker by @dependabot in #753
  • build(deps): bump actions/download-artifact from 4.1.2 to 4.1.3 by @dependabot in #754
  • build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #756
  • build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 by @dependabot in #760
  • build(deps): bump actions/download-artifact from 4.1.3 to 4.1.4 by @dependabot in #761
  • build(deps): bump nginxinc/nginx-unprivileged from c50bd11 to 4ed6516 in /docker by @dependabot in #763
  • build(deps): bump docker/build-push-action from 5.1.0 to 5.2.0 by @dependabot in #769
  • build(deps): bump nginxinc/nginx-unprivileged from 4ed6516 to 39d8bcb in /docker by @dependabot in #771
  • build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #773
  • build(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #778
  • build(deps): bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by @dependabot in #779
  • build(deps): bump docker/build-push-action from 5.2.0 to 5.3.0 by @dependabot in #780
  • build(deps): bump nginxinc/nginx-unprivileged from 39d8bcb to 4883a29 in /docker by @dependabot in #783
  • build(deps): bump nginxinc/nginx-unprivileged from 4883a29 to 7c1d415 in /docker by @dependabot in #788
  • build(deps): bump follow-redirects from 1.15.4 to 1.15.6 by @dependabot in #781
  • build(deps): bump aquasecurity/trivy-action from 0.18.0 to 0.19.0 by @dependabot in #791
  • build(deps): bump nginxinc/nginx-unprivileged from 7c1d415 to e5a49a7 in /docker by @dependabot in #799
  • chore(deps): pin and update to latest minor releases by @setchy in #798
  • build(deps): bump nginxinc/nginx-unprivileged from e5a49a7 to 5b49ce2 in /docker by @dependabot in #807
  • build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #806
  • build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in #813
  • build(deps): bump nginxinc/nginx-unprivileged from 5b49ce2 to 7b43166 in /docker by @dependabot in #817
  • build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #819
  • build(deps): bump actions/download-artifact from 4.1.4 to 4.1.5 by @dependabot in #820
  • build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #823
  • build(deps): bump nginxinc/nginx-unprivileged from 1.25.4-alpine to 1.25.5-alpine in /docker by @dependabot in #822
  • build(deps): bump actions/download-artifact from 4.1.5 to 4.1.6 by @dependabot in #827
  • build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #826
  • build(deps): bump nginxinc/nginx-unprivileged from 7c5f491 to 09ad4fe in /docker by @dependabot in #825
  • build(deps): bump actions/download-artifact from 4.1.6 to 4.1.7 by @dependabot in #830
  • build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #831
  • build(deps): bump nginxinc/nginx-unprivileged from 09ad4fe to 8a73655 in /docker by @dependabot in #829
  • build(deps): bump nginxinc/nginx-unprivileged from 8a73655 to 07b9c90 in /docker by @dependabot in #836
  • build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #846
  • build(deps): bump nginxinc/nginx-unprivileged from 07b9c90 to 0480c2b in /docker by @dependabot in #847

Other Changes

  • Add "Show in Dependency-Graph" Button in "Affected Projects" List by @rbt-mm in #573
  • ACL: Add projects to team should only show not yet added projects #101 by @rkg-mm in #662
  • docs: fix build status badge by @setchy in #699
  • refactor(dashboard): remove unused policy violations widget by @setchy in #710
  • chore: bump cyclonedx-npm package for npm10 support by @setchy in #750
  • chore: update engine ranges by @setchy in #751
  • Transfer copyright from Steve Springett to OWASP Foundation by @nscuro in #786
  • fix missing translation by @fnxpt in #828
  • Add Ukrainian πŸ‡ΊπŸ‡¦ i18n by @nscuro in #835
  • Add i18n documentation by @nscuro in #837
  • Fix some issues in German translation by @nscuro in #840
  • Run builds and CI on feature-* branches by @nscuro in #842

New Contributors

Full Changelog: 4.10.0...4.11.0

Contributors

setchy, mykter, and 10 other contributors
Assets 6