Conversation
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.33.1 to 0.34.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.33.1...0.34.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.34.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
github_actions
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
nscuro
approved these changes
Mar 3, 2026
nscuro
deleted the
dependabot/github_actions/dot-github/workflows/aquasecurity/trivy-action-0.34.0
branch
phbaer
pushed a commit
to phbaer/dtvp
that referenced
this pull request
Apr 19, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [dependencytrack/frontend](https://dependencytrack.org/) ([source](https://github.com/DependencyTrack/frontend)) | minor | `4.11.0` → `4.14.1` | --- ### Release Notes <details> <summary>DependencyTrack/frontend (dependencytrack/frontend)</summary> ### [`v4.14.1`](https://github.com/DependencyTrack/frontend/releases/tag/4.14.1) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.14.0...4.14.1) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 a08b4280aad4e9946908ca6fd05e1fbc0ad0f1af frontend-dist.zip # SHA256 e13d9b729d2082fcfb440bc1deb6f373290d1ead414447d8834368b4dbceec27 frontend-dist.zip # SHA512 ecb2853df2b6461f9986eef64b46b9165a3826dfa67c6c6e8a0efeade8a5c2c034fba3929892cb9f545ba03b30fa692db59aa2715a5441be33ca35d9cd3fc54b frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.14.1 --> #### What's Changed ##### Other Changes - Backport: GitHub Actions hardening by [@​nscuro](https://github.com/nscuro) in [#​1488](https://github.com/DependencyTrack/frontend/pull/1488) - Backport: Fix Japanese Trivy analyzer strings by [@​nscuro](https://github.com/nscuro) in [#​1489](https://github.com/DependencyTrack/frontend/pull/1489) - Backport: Improve Chinese (zh) translations by [@​nscuro](https://github.com/nscuro) in [#​1490](https://github.com/DependencyTrack/frontend/pull/1490) - Backport: Fix release workflow by [@​nscuro](https://github.com/nscuro) in [#​1492](https://github.com/DependencyTrack/frontend/pull/1492) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.14.0...4.14.1> ### [`v4.14.0`](https://github.com/DependencyTrack/frontend/releases/tag/4.14.0) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.13.6...4.14.0) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 8a822e22c6c087b0e46f9478f9b342d2e2bad162 frontend-dist.zip # SHA256 9a96be982a80c6c8714ad8d22a932d013a6b3593744083d551a7fb2b4a281aa3 frontend-dist.zip # SHA512 1179ac9a06eccb6b3fd6efc97cf6df38809fe55b139dd0b2027de1696738ea92ca73edd66cb68c64ebc2cc34b5c246fdcfcdf12978e0a313095d7faab8cb2820 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed ##### Enhancements 🚀 - Improve German Translation by [@​fupgang](https://github.com/fupgang) in [#​1227](https://github.com/DependencyTrack/frontend/pull/1227) - Show collection projects using tag in tag list by [@​nscuro](https://github.com/nscuro) in [#​1237](https://github.com/DependencyTrack/frontend/pull/1237) - feat: add suffix to vulnerability locale keys by [@​setchy](https://github.com/setchy) in [#​1276](https://github.com/DependencyTrack/frontend/pull/1276) - chore(i18n-uk): update Ukrainian translations by [@​illenko](https://github.com/illenko) in [#​1287](https://github.com/DependencyTrack/frontend/pull/1287) - feat(ui): add match mode selector to internal component config [#​1282](https://github.com/DependencyTrack/frontend/issues/1282) by [@​ch8matt](https://github.com/ch8matt) in [#​1283](https://github.com/DependencyTrack/frontend/pull/1283) - feat: display license id by [@​setchy](https://github.com/setchy) in [#​1311](https://github.com/DependencyTrack/frontend/pull/1311) - Run Dependabot on latest release branch by [@​nscuro](https://github.com/nscuro) in [#​1364](https://github.com/DependencyTrack/frontend/pull/1364) - feat(scope): Support for scope mentioned in cyclonedx format. by [@​anantk24](https://github.com/anantk24) in [#​1319](https://github.com/DependencyTrack/frontend/pull/1319) - chore: remove duplicate call to `prebuild` from `package.json` by [@​jkowalleck](https://github.com/jkowalleck) in [#​1389](https://github.com/DependencyTrack/frontend/pull/1389) - Repositories Bearer Auth: Make username optional by [@​valentijnscholten](https://github.com/valentijnscholten) in [#​1128](https://github.com/DependencyTrack/frontend/pull/1128) - Add OSS Index Base URL configuration field by [@​brianf](https://github.com/brianf) in [#​1431](https://github.com/DependencyTrack/frontend/pull/1431) - feat: Add support for IS\_INTERNAL policy condition by [@​ch8matt](https://github.com/ch8matt) in [#​1394](https://github.com/DependencyTrack/frontend/pull/1394) - Add CVSSv4 support by [@​nscuro](https://github.com/nscuro) in [#​1455](https://github.com/DependencyTrack/frontend/pull/1455) ##### Bug Fixes 🐛 - fix: don't duplicate base-path in links by [@​Aurifi](https://github.com/Aurifi) in [#​1354](https://github.com/DependencyTrack/frontend/pull/1354) - fix(ui): remove policy UUID from tag search endpoint in SelectTagModal by [@​ch8matt](https://github.com/ch8matt) in [#​1363](https://github.com/DependencyTrack/frontend/pull/1363) - Run welcome message through DOMPurify before rendering it by [@​nscuro](https://github.com/nscuro) in [#​1378](https://github.com/DependencyTrack/frontend/pull/1378) - Fix redirect loop when authenticated user is lacking permissions by [@​nscuro](https://github.com/nscuro) in [#​1380](https://github.com/DependencyTrack/frontend/pull/1380) - Reseting isDisabled and re-initialize teams when opening create-modal. by [@​ElenaStroebele](https://github.com/ElenaStroebele) in [#​1410](https://github.com/DependencyTrack/frontend/pull/1410) ##### Dependency Updates 🤖 - build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1234](https://github.com/DependencyTrack/frontend/pull/1234) - build(deps): bump docker/build-push-action from 6.15.0 to 6.16.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1233](https://github.com/DependencyTrack/frontend/pull/1233) - build(deps): bump nginxinc/nginx-unprivileged from 1.27.4-alpine\@​sha256:d43566af1caeaf6d16d4880f587cdeb9e0efe172aad1d1d43ca4ce0fa304e293 to sha256:663d1f83b634d625f3c36b323b21cc5c2c4ed5ebf912a01bfe13cce2f455e92e in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1232](https://github.com/DependencyTrack/frontend/pull/1232) - build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1229](https://github.com/DependencyTrack/frontend/pull/1229) - build(deps): bump nginxinc/nginx-unprivileged from 1.27.4-alpine to 1.27.5-alpine in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1238](https://github.com/DependencyTrack/frontend/pull/1238) - build(deps): bump nginxinc/nginx-unprivileged from `ad90858` to `9d092c1` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1243](https://github.com/DependencyTrack/frontend/pull/1243) - build(deps): bump nginxinc/nginx-unprivileged from `9d092c1` to `b16a09b` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1247](https://github.com/DependencyTrack/frontend/pull/1247) - build(deps): bump nginxinc/nginx-unprivileged from `b16a09b` to `82a240b` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1249](https://github.com/DependencyTrack/frontend/pull/1249) - build(deps): bump docker/setup-buildx-action from 3.10.0 to 3.11.1 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1284](https://github.com/DependencyTrack/frontend/pull/1284) - build(deps): bump nginxinc/nginx-unprivileged from 1.27.5-alpine to 1.29.0-alpine in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1290](https://github.com/DependencyTrack/frontend/pull/1290) - build(deps-dev): bump pbkdf2 from 3.1.2 to 3.1.3 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1286](https://github.com/DependencyTrack/frontend/pull/1286) - build(deps): bump aquasecurity/trivy-action from 0.30.0 to 0.32.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1293](https://github.com/DependencyTrack/frontend/pull/1293) - build(deps): bump nginxinc/nginx-unprivileged from `7d08b59` to `7fa831d` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1292](https://github.com/DependencyTrack/frontend/pull/1292) - build(deps): bump nginxinc/nginx-unprivileged from `7fa831d` to `43e46e2` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1299](https://github.com/DependencyTrack/frontend/pull/1299) - build(deps): bump docker/build-push-action from 6.16.0 to 6.18.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1260](https://github.com/DependencyTrack/frontend/pull/1260) - build(deps): bump docker/login-action from 3.4.0 to 3.5.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1301](https://github.com/DependencyTrack/frontend/pull/1301) - build(deps): bump nginxinc/nginx-unprivileged from `43e46e2` to `094aa5b` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1307](https://github.com/DependencyTrack/frontend/pull/1307) - build(deps): bump nginxinc/nginx-unprivileged from 1.29.0-alpine to 1.29.1-alpine in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1313](https://github.com/DependencyTrack/frontend/pull/1313) - build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1308](https://github.com/DependencyTrack/frontend/pull/1308) - build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1302](https://github.com/DependencyTrack/frontend/pull/1302) - build(deps): bump aquasecurity/trivy-action from 0.32.0 to 0.33.1 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1327](https://github.com/DependencyTrack/frontend/pull/1327) - build(deps): bump nginxinc/nginx-unprivileged from `5fed1af` to `7f2bd11` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1323](https://github.com/DependencyTrack/frontend/pull/1323) - build(deps): bump docker/login-action from 3.5.0 to 3.6.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1343](https://github.com/DependencyTrack/frontend/pull/1343) - build(deps): bump nginxinc/nginx-unprivileged from 1.29.1-alpine to 1.29.2-alpine in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1348](https://github.com/DependencyTrack/frontend/pull/1348) - build(deps): bump github/codeql-action from 3 to 4 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1347](https://github.com/DependencyTrack/frontend/pull/1347) - build(deps): bump nginxinc/nginx-unprivileged from `a9155b2` to `7f26470` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1350](https://github.com/DependencyTrack/frontend/pull/1350) - build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1330](https://github.com/DependencyTrack/frontend/pull/1330) - build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1357](https://github.com/DependencyTrack/frontend/pull/1357) - build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1358](https://github.com/DependencyTrack/frontend/pull/1358) - build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1352](https://github.com/DependencyTrack/frontend/pull/1352) - build(deps): bump nginxinc/nginx-unprivileged from `7f26470` to `34536ff` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1351](https://github.com/DependencyTrack/frontend/pull/1351) - build(deps): bump docker/setup-qemu-action from 3.6.0 to 3.7.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1377](https://github.com/DependencyTrack/frontend/pull/1377) - build(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1405](https://github.com/DependencyTrack/frontend/pull/1405) - build(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1404](https://github.com/DependencyTrack/frontend/pull/1404) - build(deps): bump nginxinc/nginx-unprivileged from 1.29.2-alpine to 1.29.3-alpine in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1401](https://github.com/DependencyTrack/frontend/pull/1401) - build(deps): bump actions/setup-node from 6.0.0 to 6.1.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1400](https://github.com/DependencyTrack/frontend/pull/1400) - build(deps): bump actions/checkout from 5.0.0 to 6.0.1 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1399](https://github.com/DependencyTrack/frontend/pull/1399) - update dompurify to 3.3.0 by [@​snieguu](https://github.com/snieguu) in [#​1395](https://github.com/DependencyTrack/frontend/pull/1395) - build(deps): bump docker/setup-buildx-action from 3.11.1 to 3.12.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1411](https://github.com/DependencyTrack/frontend/pull/1411) - build(deps): bump nginxinc/nginx-unprivileged from `c6ff4f1` to `11cab18` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1407](https://github.com/DependencyTrack/frontend/pull/1407) - build(deps): bump actions/setup-node from 6.1.0 to 6.2.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1420](https://github.com/DependencyTrack/frontend/pull/1420) - build(deps): bump nginxinc/nginx-unprivileged from `11cab18` to `c3b9dd8` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1413](https://github.com/DependencyTrack/frontend/pull/1413) - build(deps): bump nginxinc/nginx-unprivileged from `c3b9dd8` to `7445ca3` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1422](https://github.com/DependencyTrack/frontend/pull/1422) - build(deps): bump nginxinc/nginx-unprivileged from `7445ca3` to `0620420` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1426](https://github.com/DependencyTrack/frontend/pull/1426) - build(deps): bump actions/checkout from 6.0.1 to 6.0.2 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1430](https://github.com/DependencyTrack/frontend/pull/1430) - build(deps): bump nginxinc/nginx-unprivileged from `0620420` to `5aea7cc` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1432](https://github.com/DependencyTrack/frontend/pull/1432) - build(deps): bump docker/login-action from 3.6.0 to 3.7.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1435](https://github.com/DependencyTrack/frontend/pull/1435) - build(deps): bump docker/build-push-action from 6.18.0 to 6.19.2 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1445](https://github.com/DependencyTrack/frontend/pull/1445) - build(deps): bump nginxinc/nginx-unprivileged from 1.29.3-alpine to 1.29.5-alpine in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1439](https://github.com/DependencyTrack/frontend/pull/1439) - build(deps): bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 in /.github/workflows by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1446](https://github.com/DependencyTrack/frontend/pull/1446) - build(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1450](https://github.com/DependencyTrack/frontend/pull/1450) - build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1451](https://github.com/DependencyTrack/frontend/pull/1451) - build(deps): bump aquasecurity/trivy-action from 0.33.1 to 0.34.2 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1453](https://github.com/DependencyTrack/frontend/pull/1453) - build(deps): bump docker/build-push-action from 6.19.2 to 7.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1464](https://github.com/DependencyTrack/frontend/pull/1464) - build(deps): bump docker/setup-buildx-action from 3.12.0 to 4.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1463](https://github.com/DependencyTrack/frontend/pull/1463) - build(deps): bump docker/setup-qemu-action from 3.7.0 to 4.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1459](https://github.com/DependencyTrack/frontend/pull/1459) - build(deps): bump actions/setup-node from 6.2.0 to 6.3.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1461](https://github.com/DependencyTrack/frontend/pull/1461) - build(deps): bump docker/login-action from 3.7.0 to 4.0.0 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1460](https://github.com/DependencyTrack/frontend/pull/1460) - build(deps): bump nginxinc/nginx-unprivileged from `a731ba0` to `e93571f` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1457](https://github.com/DependencyTrack/frontend/pull/1457) - build(deps): bump dompurify from 3.3.0 to 3.3.2 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1465](https://github.com/DependencyTrack/frontend/pull/1465) ##### Other Changes - chore: Update versions in defect-report.yml by [@​setchy](https://github.com/setchy) in [#​1224](https://github.com/DependencyTrack/frontend/pull/1224) - feat(i18n): add Traditional Chinese (zh-TW) language support and update related translations by [@​wengct](https://github.com/wengct) in [#​1412](https://github.com/DependencyTrack/frontend/pull/1412) - Remove database information from About dialogue by [@​nscuro](https://github.com/nscuro) in [#​1421](https://github.com/DependencyTrack/frontend/pull/1421) - Add missing internal\_status i18n key for zh-TW locale by [@​nscuro](https://github.com/nscuro) in [#​1456](https://github.com/DependencyTrack/frontend/pull/1456) #### New Contributors - [@​illenko](https://github.com/illenko) made their first contribution in [#​1287](https://github.com/DependencyTrack/frontend/pull/1287) - [@​ch8matt](https://github.com/ch8matt) made their first contribution in [#​1283](https://github.com/DependencyTrack/frontend/pull/1283) - [@​Aurifi](https://github.com/Aurifi) made their first contribution in [#​1354](https://github.com/DependencyTrack/frontend/pull/1354) - [@​anantk24](https://github.com/anantk24) made their first contribution in [#​1319](https://github.com/DependencyTrack/frontend/pull/1319) - [@​jkowalleck](https://github.com/jkowalleck) made their first contribution in [#​1389](https://github.com/DependencyTrack/frontend/pull/1389) - [@​snieguu](https://github.com/snieguu) made their first contribution in [#​1395](https://github.com/DependencyTrack/frontend/pull/1395) - [@​ElenaStroebele](https://github.com/ElenaStroebele) made their first contribution in [#​1410](https://github.com/DependencyTrack/frontend/pull/1410) - [@​wengct](https://github.com/wengct) made their first contribution in [#​1412](https://github.com/DependencyTrack/frontend/pull/1412) - [@​brianf](https://github.com/brianf) made their first contribution in [#​1431](https://github.com/DependencyTrack/frontend/pull/1431) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.13.0...4.14.0> ### [`v4.13.6`](https://github.com/DependencyTrack/frontend/releases/tag/4.13.6) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.13.5...4.13.6) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 525b47c72fb3bdbb675b5c5414319e5f19e43b03 frontend-dist.zip # SHA256 84440921692e95c88378e1f82738ccea24c2fb038083b42b3f1c98b1f6702a4a frontend-dist.zip # SHA512 9ef9a91c8cc4f4e9a95d11189d710a6146ba5bef2d2880b4ba1337ec53dd5eb066e16d77a0d4403e22acfebae7eec99b1bcbbb3686bbd61bd32e0ed6f5b997ce frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.13.x --> #### What's Changed ##### Bug Fixes 🐛 - Backport: Don't duplicate base-path in links by [@​nscuro](https://github.com/nscuro) in [#​1381](https://github.com/DependencyTrack/frontend/pull/1381) - Backport: Remove policy UUID from tag search endpoint in SelectTagModal by [@​nscuro](https://github.com/nscuro) in [#​1382](https://github.com/DependencyTrack/frontend/pull/1382) - Backport: Run welcome message through DOMPurify before rendering it by [@​nscuro](https://github.com/nscuro) in [#​1383](https://github.com/DependencyTrack/frontend/pull/1383) - Backport: Fix redirect loop when authenticated user is lacking permissions by [@​nscuro](https://github.com/nscuro) in [#​1386](https://github.com/DependencyTrack/frontend/pull/1386) ##### Dependency Updates 🤖 - build(deps): bump nginxinc/nginx-unprivileged from 1.29.1-alpine to 1.29.2-alpine in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1365](https://github.com/DependencyTrack/frontend/pull/1365) - build(deps-dev): bump eslint-plugin-vue from 9.24.0 to 9.24.1 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1370](https://github.com/DependencyTrack/frontend/pull/1370) - build(deps-dev): bump [@​babel/core](https://github.com/babel/core) from 7.24.3 to 7.24.9 by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1368](https://github.com/DependencyTrack/frontend/pull/1368) - build(deps): bump nginxinc/nginx-unprivileged from `dd1707e` to `fb08922` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1373](https://github.com/DependencyTrack/frontend/pull/1373) - build(deps): bump nginxinc/nginx-unprivileged from `fb08922` to `2cddd18` in /docker by [@​dependabot](https://github.com/dependabot)\[bot] in [#​1376](https://github.com/DependencyTrack/frontend/pull/1376) ##### Other Changes - Backport: Update Ukrainian translations by [@​nscuro](https://github.com/nscuro) in [#​1385](https://github.com/DependencyTrack/frontend/pull/1385) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.13.5...4.13.6> ### [`v4.13.5`](https://github.com/DependencyTrack/frontend/releases/tag/4.13.5) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.13.4...4.13.5) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 e441f28a656b710766a9fd85360872bc9330d14c frontend-dist.zip # SHA256 fb67bf767e2142b72dbd226b984a1faee9e491d108ccfd29860a49e0b5b15a12 frontend-dist.zip # SHA512 ec9ba943b32ff38b3c8e8c6b4e804a900bcdb1af5ce042cbdf0e03057c2fa6664cce2e367cdd674eace998016a426c0be392e1472a22baa181277d80aa1e57f0 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.13.x --> #### What's Changed ##### Dependency Updates 🤖 - Bump NGINX base image to 1.29.1 by [@​nscuro](https://github.com/nscuro) in [#​1346](https://github.com/DependencyTrack/frontend/pull/1346) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.13.4...4.13.5> ### [`v4.13.4`](https://github.com/DependencyTrack/frontend/releases/tag/4.13.4) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.13.3...4.13.4) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 827522ca8079450a8560a58a1b4e71add0a5d630 frontend-dist.zip # SHA256 d0e604300d52047c32a98a51aa32e1cf2276525fa81557c4c95f1ad49f30d820 frontend-dist.zip # SHA512 61289a55c724fd4ddcc41bf6282ecb1c7dcc7925d0fffa7026ef3b2dc4892b27ed8b2614c171d8842ced3bb0a0a7e3255158678ddc730f684060fedcacbb3270 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.13.x --> **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.13.3...4.13.4> ### [`v4.13.3`](https://github.com/DependencyTrack/frontend/releases/tag/4.13.3) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.13.2...4.13.3) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 5eeea5e7bd1db7c40f45380580518eea7bdc53d7 frontend-dist.zip # SHA256 f5bdf91803fb99b966f38be60b937adec96036b80bf7a793d32bb51b67f6fd7b frontend-dist.zip # SHA512 22967b91d2e6f2715ad14b23f65fc674ba059ee407b96e12672846036e1e882e1c4ad024297ed55f0d1b668992d890f0c787260b5587c349c746f254903879cc frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.13.x --> #### What's Changed ##### Dependency Updates 🤖 - Bump NGINX base image to latest digest by [@​nscuro](https://github.com/nscuro) in [#​1300](https://github.com/DependencyTrack/frontend/pull/1300) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.13.2...4.13.3> ### [`v4.13.2`](https://github.com/DependencyTrack/frontend/releases/tag/4.13.2) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.13.1...4.13.2) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 987a3b3a37fad4143b295ff9a7fcbacef7e915f4 frontend-dist.zip # SHA256 94fc935e62a657e5f10bff9b9a8657841f0c2f2e53fd234c881580874bb95f14 frontend-dist.zip # SHA512 d2aa31b7aaf5a06bdce6e4403b946824872993fd719a8551bcc310c2b3e5b64ecb82482fe4035a95d88f7dab37c603800befa865316695d4acba48a691778d97 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.13.x --> **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.13.1...4.13.2> ### [`v4.13.1`](https://github.com/DependencyTrack/frontend/releases/tag/4.13.1) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.13.0...4.13.1) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 ad0926abed617069934cf198670d7dba4e3f6867 frontend-dist.zip # SHA256 0ae8950c4aa0713dc52812225720cb27cf2da17d32badcda9c2be8c3872720e6 frontend-dist.zip # SHA512 f5741100c881a2801f0fd32c1a4ba4596088e72de18e15d2264641c303f2c1829bc6547f64852f7fabec1a3928d5e95a0eed72e8e877d2fd722f94dadaba8eb2 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.13.x --> #### What's Changed ##### Enhancements 🚀 - Show collection projects using tag in tag list by [@​nscuro](https://github.com/nscuro) in [#​1241](https://github.com/DependencyTrack/frontend/pull/1241) ##### Dependency Updates 🤖 - build(deps): bump nginxinc/nginx-unprivileged from 1.27.4-alpine to 1.27.5-alpine in /docker by [@​nscuro](https://github.com/nscuro) in [#​1242](https://github.com/DependencyTrack/frontend/pull/1242) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.13.0...4.13.1> ### [`v4.13.0`](https://github.com/DependencyTrack/frontend/releases/tag/4.13.0) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.12.7...4.13.0) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 5f18d23205cff4627ff6330bca9f70f71810da89 frontend-dist.zip # SHA256 e64676821351096cce62735d28a15b2ae62c4ba66c1b295ab119a9b83f94eef0 frontend-dist.zip # SHA512 204049470e226b82feceb690ddf3d21eb70433efafa6b2210790c63a43c5bcd46c69f0112a1a9331e2af1b69e998a8300808ca6e5fcb6e3f9acec0b4bf6fd9eb frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed ##### Enhancements 🚀 - Add new optional column `Classifier` in project component view by [@​2000rosser](https://github.com/2000rosser) in [#​1058](https://github.com/DependencyTrack/frontend/pull/1058) - Added buttons to add/delete/edit the affected Components by [@​Gepardgame](https://github.com/Gepardgame) in [#​1060](https://github.com/DependencyTrack/frontend/pull/1060) - Improved Russian Translation by [@​WoozyMasta](https://github.com/WoozyMasta) in [#​1106](https://github.com/DependencyTrack/frontend/pull/1106) - Introduce "collection" projects for better usage of hierarchical view by [@​rkg-mm](https://github.com/rkg-mm) in [#​658](https://github.com/DependencyTrack/frontend/pull/658) - Label `destination` input as "Jira project key" for Jira alerts by [@​nscuro](https://github.com/nscuro) in [#​1114](https://github.com/DependencyTrack/frontend/pull/1114) - Add timestamp formatting to chart tooltips by [@​Rudra-Garg](https://github.com/Rudra-Garg) in [#​1152](https://github.com/DependencyTrack/frontend/pull/1152) - Handle new API key format and generation process by [@​Gepardgame](https://github.com/Gepardgame) in [#​1157](https://github.com/DependencyTrack/frontend/pull/1157) - Change API key field `clearTextKey` to `key` by [@​nscuro](https://github.com/nscuro) in [#​1168](https://github.com/DependencyTrack/frontend/pull/1168) - Add telemetry admin view by [@​nscuro](https://github.com/nscuro) in [#​1164](https://github.com/DependencyTrack/frontend/pull/1164) - Add Bluesky link to About dialog by [@​nscuro](https://github.com/nscuro) in [#​1188](https://github.com/DependencyTrack/frontend/pull/1188) - Add trivy scanner option UI by [@​mjwrona](https://github.com/mjwrona) in [#​1209](https://github.com/DependencyTrack/frontend/pull/1209) - Add autocomplete to project collection logic tag dropdown by [@​jayolee](https://github.com/jayolee) in [#​1198](https://github.com/DependencyTrack/frontend/pull/1198) - Integrate scheduled alerts into existing alerts views by [@​nscuro](https://github.com/nscuro) in [#​1210](https://github.com/DependencyTrack/frontend/pull/1210) - Display last vuln analysis timestamp in project view by [@​nscuro](https://github.com/nscuro) in [#​1218](https://github.com/DependencyTrack/frontend/pull/1218) ##### Bug Fixes 🐛 - Fix creation of multiple projects without reloading page by [@​rkg-mm](https://github.com/rkg-mm) in [#​1028](https://github.com/DependencyTrack/frontend/pull/1028) - Fix OIDC users not being displayed in Team view by [@​Gepardgame](https://github.com/Gepardgame) in [#​1034](https://github.com/DependencyTrack/frontend/pull/1034) - Fix state of sidebar not being saved for non-`SNAPSHOT` versions by [@​Gepardgame](https://github.com/Gepardgame) in [#​1032](https://github.com/DependencyTrack/frontend/pull/1032) - Always display project nodes in dependency graph using name and version by [@​nscuro](https://github.com/nscuro) in [#​1048](https://github.com/DependencyTrack/frontend/pull/1048) - Fix caching issues upon upgrade by [@​nscuro](https://github.com/nscuro) in [#​1050](https://github.com/DependencyTrack/frontend/pull/1050) - Fix: "Add Version" Create Button Should Be Inactive Until Version Provided by [@​IdrisGit](https://github.com/IdrisGit) in [#​1039](https://github.com/DependencyTrack/frontend/pull/1039) - Fix missing URI encoding of tag names by [@​nscuro](https://github.com/nscuro) in [#​1056](https://github.com/DependencyTrack/frontend/pull/1056) - docker: fix ipv6 listening by [@​rissson](https://github.com/rissson) in [#​1063](https://github.com/DependencyTrack/frontend/pull/1063) - fix: breadcrumbs navigation broken for non-english language by [@​IdrisGit](https://github.com/IdrisGit) in [#​1066](https://github.com/DependencyTrack/frontend/pull/1066) - docker: fix ipv6 listening by [@​rissson](https://github.com/rissson) in [#​1078](https://github.com/DependencyTrack/frontend/pull/1078) - Fix tags with special characters breaking the tags table by [@​nscuro](https://github.com/nscuro) in [#​1082](https://github.com/DependencyTrack/frontend/pull/1082) - Prefill *Team* input in *Create Project* dialog based on user's team membership by [@​Gepardgame](https://github.com/Gepardgame) in [#​1089](https://github.com/DependencyTrack/frontend/pull/1089) - Fix no error being displayed when submitting an invalid welcome message by [@​Gepardgame](https://github.com/Gepardgame) in [#​1091](https://github.com/DependencyTrack/frontend/pull/1091) - Show component properties to users with VIEW\_PORTFOLIO permission by [@​Shortfinga](https://github.com/Shortfinga) in [#​1095](https://github.com/DependencyTrack/frontend/pull/1095) - Fix missing URI encoding for vulnerability IDs by [@​nscuro](https://github.com/nscuro) in [#​1098](https://github.com/DependencyTrack/frontend/pull/1098) - Port: Fix affected projects tab not being updated when switching between vulnerability aliases by [@​nscuro](https://github.com/nscuro) in [#​1135](https://github.com/DependencyTrack/frontend/pull/1135) - Fix broken ordering by SWID Tag ID in component search view by [@​nscuro](https://github.com/nscuro) in [#​1154](https://github.com/DependencyTrack/frontend/pull/1154) - Fix column visibility preference not considered for project list by [@​nscuro](https://github.com/nscuro) in [#​1169](https://github.com/DependencyTrack/frontend/pull/1169) - Fix policy violation tab indicators being populated incorrectly by [@​nscuro](https://github.com/nscuro) in [#​1171](https://github.com/DependencyTrack/frontend/pull/1171) - Fix wrong policy violation tab indicator visibility conditions by [@​nscuro](https://github.com/nscuro) in [#​1174](https://github.com/DependencyTrack/frontend/pull/1174) - Fix tag autocomplete dropdown library style overriding issue by [@​jayolee](https://github.com/jayolee) in [#​1213](https://github.com/DependencyTrack/frontend/pull/1213) - Fix "show in dependency graph" yielding a 403 error by [@​nscuro](https://github.com/nscuro) in [#​1217](https://github.com/DependencyTrack/frontend/pull/1217) ##### Dependency Updates 🤖 - build(deps): bump nginxinc/nginx-unprivileged from 1.27.1-alpine to 1.27.2-alpine in /docker by [@​dependabot](https://github.com/dependabot) in [#​1030](https://github.com/DependencyTrack/frontend/pull/1030) - build(deps): bump docker/setup-buildx-action from 3.6.1 to 3.7.1 by [@​dependabot](https://github.com/dependabot) in [#​1029](https://github.com/DependencyTrack/frontend/pull/1029) - build(deps): bump actions/upload-artifact from 4.3.6 to 4.4.1 by [@​dependabot](https://github.com/dependabot) in [#​1038](https://github.com/DependencyTrack/frontend/pull/1038) - build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by [@​dependabot](https://github.com/dependabot) in [#​1037](https://github.com/DependencyTrack/frontend/pull/1037) - build(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.25.0 by [@​dependabot](https://github.com/dependabot) in [#​1036](https://github.com/DependencyTrack/frontend/pull/1036) - build(deps): bump nginxinc/nginx-unprivileged from `5423958` to `cf998f0` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1035](https://github.com/DependencyTrack/frontend/pull/1035) - build(deps): bump actions/upload-artifact from 4.4.1 to 4.4.2 by [@​dependabot](https://github.com/dependabot) in [#​1041](https://github.com/DependencyTrack/frontend/pull/1041) - build(deps): bump aquasecurity/trivy-action from 0.25.0 to 0.26.0 by [@​dependabot](https://github.com/dependabot) in [#​1040](https://github.com/DependencyTrack/frontend/pull/1040) - build(deps): bump actions/upload-artifact from 4.4.2 to 4.4.3 by [@​dependabot](https://github.com/dependabot) in [#​1054](https://github.com/DependencyTrack/frontend/pull/1054) - build(deps): bump nginxinc/nginx-unprivileged from `cf998f0` to `3377b22` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1064](https://github.com/DependencyTrack/frontend/pull/1064) - build(deps): bump aquasecurity/trivy-action from 0.26.0 to 0.28.0 by [@​dependabot](https://github.com/dependabot) in [#​1065](https://github.com/DependencyTrack/frontend/pull/1065) - build(deps): bump nginxinc/nginx-unprivileged from `3377b22` to `8096c72` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1067](https://github.com/DependencyTrack/frontend/pull/1067) - build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by [@​dependabot](https://github.com/dependabot) in [#​1070](https://github.com/DependencyTrack/frontend/pull/1070) - build(deps): bump actions/setup-node from 4.0.4 to 4.1.0 by [@​dependabot](https://github.com/dependabot) in [#​1072](https://github.com/DependencyTrack/frontend/pull/1072) - build(deps): bump nginxinc/nginx-unprivileged from `8096c72` to `dbe45a3` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1075](https://github.com/DependencyTrack/frontend/pull/1075) - build(deps): bump docker/build-push-action from 6.9.0 to 6.10.0 by [@​dependabot](https://github.com/dependabot) in [#​1094](https://github.com/DependencyTrack/frontend/pull/1094) - build(deps): bump aquasecurity/trivy-action from 0.28.0 to 0.29.0 by [@​dependabot](https://github.com/dependabot) in [#​1092](https://github.com/DependencyTrack/frontend/pull/1092) - build(deps): bump nginxinc/nginx-unprivileged from 1.27.2-alpine to 1.27.3-alpine in /docker by [@​dependabot](https://github.com/dependabot) in [#​1096](https://github.com/DependencyTrack/frontend/pull/1096) - build(deps): bump nginxinc/nginx-unprivileged from `8d20086` to `6097fa6` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1107](https://github.com/DependencyTrack/frontend/pull/1107) - build(deps): bump nginxinc/nginx-unprivileged from `6097fa6` to `3092a71` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1111](https://github.com/DependencyTrack/frontend/pull/1111) - build(deps): bump docker/setup-qemu-action from 3.2.0 to 3.3.0 by [@​dependabot](https://github.com/dependabot) in [#​1132](https://github.com/DependencyTrack/frontend/pull/1132) - build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 by [@​dependabot](https://github.com/dependabot) in [#​1134](https://github.com/DependencyTrack/frontend/pull/1134) - build(deps): bump docker/build-push-action from 6.10.0 to 6.11.0 by [@​dependabot](https://github.com/dependabot) in [#​1133](https://github.com/DependencyTrack/frontend/pull/1133) - build(deps): bump docker/setup-buildx-action from 3.7.1 to 3.8.0 by [@​dependabot](https://github.com/dependabot) in [#​1116](https://github.com/DependencyTrack/frontend/pull/1116) - build(deps): bump nginxinc/nginx-unprivileged from `3092a71` to `f00bd07` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1117](https://github.com/DependencyTrack/frontend/pull/1117) - build(deps): bump nanoid from 3.3.7 to 3.3.8 by [@​dependabot](https://github.com/dependabot) in [#​1115](https://github.com/DependencyTrack/frontend/pull/1115) - build(deps): bump nginxinc/nginx-unprivileged from `f00bd07` to `d532ff0` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1137](https://github.com/DependencyTrack/frontend/pull/1137) - build(deps): bump nginxinc/nginx-unprivileged from `d532ff0` to `73c290d` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1138](https://github.com/DependencyTrack/frontend/pull/1138) - build(deps): bump dompurify from 2.4.9 to 2.5.8 by [@​dependabot](https://github.com/dependabot) in [#​998](https://github.com/DependencyTrack/frontend/pull/998) - build(deps): bump docker/build-push-action from 6.11.0 to 6.12.0 by [@​dependabot](https://github.com/dependabot) in [#​1140](https://github.com/DependencyTrack/frontend/pull/1140) - build(deps): bump docker/build-push-action from 6.12.0 to 6.13.0 by [@​dependabot](https://github.com/dependabot) in [#​1150](https://github.com/DependencyTrack/frontend/pull/1150) - build(deps): bump nginxinc/nginx-unprivileged from `73c290d` to `9e7238f` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1145](https://github.com/DependencyTrack/frontend/pull/1145) - build(deps): bump actions/setup-node from 4.1.0 to 4.2.0 by [@​dependabot](https://github.com/dependabot) in [#​1151](https://github.com/DependencyTrack/frontend/pull/1151) - build(deps): bump docker/setup-buildx-action from 3.8.0 to 3.9.0 by [@​dependabot](https://github.com/dependabot) in [#​1159](https://github.com/DependencyTrack/frontend/pull/1159) - build(deps): bump docker/setup-qemu-action from 3.3.0 to 3.4.0 by [@​dependabot](https://github.com/dependabot) in [#​1158](https://github.com/DependencyTrack/frontend/pull/1158) - build(deps): bump nginxinc/nginx-unprivileged from 1.27.3-alpine to 1.27.4-alpine in /docker by [@​dependabot](https://github.com/dependabot) in [#​1163](https://github.com/DependencyTrack/frontend/pull/1163) - build(deps): bump nginxinc/nginx-unprivileged from `c0b9a4e` to `6c45695` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1167](https://github.com/DependencyTrack/frontend/pull/1167) - build(deps): bump docker/build-push-action from 6.13.0 to 6.14.0 by [@​dependabot](https://github.com/dependabot) in [#​1166](https://github.com/DependencyTrack/frontend/pull/1166) - build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by [@​dependabot](https://github.com/dependabot) in [#​1176](https://github.com/DependencyTrack/frontend/pull/1176) - build(deps): bump docker/setup-qemu-action from 3.4.0 to 3.5.0 by [@​dependabot](https://github.com/dependabot) in [#​1179](https://github.com/DependencyTrack/frontend/pull/1179) - build(deps): bump docker/build-push-action from 6.14.0 to 6.15.0 by [@​dependabot](https://github.com/dependabot) in [#​1181](https://github.com/DependencyTrack/frontend/pull/1181) - build(deps): bump docker/setup-buildx-action from 3.9.0 to 3.10.0 by [@​dependabot](https://github.com/dependabot) in [#​1180](https://github.com/DependencyTrack/frontend/pull/1180) - build(deps): bump actions/download-artifact from 4.1.8 to 4.1.9 by [@​dependabot](https://github.com/dependabot) in [#​1178](https://github.com/DependencyTrack/frontend/pull/1178) - build(deps): bump nginxinc/nginx-unprivileged from `6c45695` to `3578209` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1177](https://github.com/DependencyTrack/frontend/pull/1177) - build(deps): bump docker/setup-qemu-action from 3.5.0 to 3.6.0 by [@​dependabot](https://github.com/dependabot) in [#​1184](https://github.com/DependencyTrack/frontend/pull/1184) - build(deps): bump nginxinc/nginx-unprivileged from `3578209` to `e17fc0d` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1186](https://github.com/DependencyTrack/frontend/pull/1186) - build(deps): bump nginxinc/nginx-unprivileged from `e17fc0d` to `73ee335` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1189](https://github.com/DependencyTrack/frontend/pull/1189) - build(deps): bump aquasecurity/trivy-action from 0.29.0 to 0.30.0 by [@​dependabot](https://github.com/dependabot) in [#​1195](https://github.com/DependencyTrack/frontend/pull/1195) - build(deps): bump docker/login-action from 3.3.0 to 3.4.0 by [@​dependabot](https://github.com/dependabot) in [#​1194](https://github.com/DependencyTrack/frontend/pull/1194) - build(deps): bump axios from 1.7.4 to 1.8.3 by [@​dependabot](https://github.com/dependabot) in [#​1192](https://github.com/DependencyTrack/frontend/pull/1192) - build(deps): bump nginxinc/nginx-unprivileged from `73ee335` to `40f9fdd` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1197](https://github.com/DependencyTrack/frontend/pull/1197) - build(deps): bump actions/setup-node from 4.2.0 to 4.3.0 by [@​dependabot](https://github.com/dependabot) in [#​1196](https://github.com/DependencyTrack/frontend/pull/1196) - build(deps): bump actions/download-artifact from 4.1.9 to 4.2.0 by [@​dependabot](https://github.com/dependabot) in [#​1199](https://github.com/DependencyTrack/frontend/pull/1199) - build(deps): bump actions/download-artifact from 4.2.0 to 4.2.1 by [@​dependabot](https://github.com/dependabot) in [#​1206](https://github.com/DependencyTrack/frontend/pull/1206) - build(deps): bump actions/upload-artifact from 4.6.1 to 4.6.2 by [@​dependabot](https://github.com/dependabot) in [#​1205](https://github.com/DependencyTrack/frontend/pull/1205) - build(deps): bump nginxinc/nginx-unprivileged from `40f9fdd` to `e234d4f` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1207](https://github.com/DependencyTrack/frontend/pull/1207) - build(deps): bump nginxinc/nginx-unprivileged from `e234d4f` to `e246f83` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1208](https://github.com/DependencyTrack/frontend/pull/1208) - build(deps): bump nginxinc/nginx-unprivileged from `e246f83` to `d07336b` in /docker by [@​dependabot](https://github.com/dependabot) in [#​1212](https://github.com/DependencyTrack/frontend/pull/1212) - Bump nginx base image to latest digest by [@​nscuro](https://github.com/nscuro) in [#​1220](https://github.com/DependencyTrack/frontend/pull/1220) ##### Other Changes - Add `.gitattributes` to fix prettier behavior on Windows by [@​nscuro](https://github.com/nscuro) in [#​1042](https://github.com/DependencyTrack/frontend/pull/1042) - Remove deprecation notice of toggle for unauthenticated access to SVG badges by [@​SaberStrat](https://github.com/SaberStrat) in [#​1129](https://github.com/DependencyTrack/frontend/pull/1129) - Fix typo in English translation by [@​michha](https://github.com/michha) in [#​1131](https://github.com/DependencyTrack/frontend/pull/1131) #### New Contributors - [@​IdrisGit](https://github.com/IdrisGit) made their first contribution in [#​1039](https://github.com/DependencyTrack/frontend/pull/1039) - [@​rissson](https://github.com/rissson) made their first contribution in [#​1063](https://github.com/DependencyTrack/frontend/pull/1063) - [@​Shortfinga](https://github.com/Shortfinga) made their first contribution in [#​1095](https://github.com/DependencyTrack/frontend/pull/1095) - [@​WoozyMasta](https://github.com/WoozyMasta) made their first contribution in [#​1106](https://github.com/DependencyTrack/frontend/pull/1106) - [@​michha](https://github.com/michha) made their first contribution in [#​1131](https://github.com/DependencyTrack/frontend/pull/1131) - [@​Rudra-Garg](https://github.com/Rudra-Garg) made their first contribution in [#​1152](https://github.com/DependencyTrack/frontend/pull/1152) - [@​jayolee](https://github.com/jayolee) made their first contribution in [#​1213](https://github.com/DependencyTrack/frontend/pull/1213) - [@​mjwrona](https://github.com/mjwrona) made their first contribution in [#​1209](https://github.com/DependencyTrack/frontend/pull/1209) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.12.0...4.13.0> ### [`v4.12.7`](https://github.com/DependencyTrack/frontend/releases/tag/4.12.7) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.12.6...4.12.7) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 4d42a3251d35746bb198018fec273b17a91761e6 frontend-dist.zip # SHA256 8c808d7d4ec2442970e8a79f8bb67b9422a69e377a682a4fe47057e7b0cad642 frontend-dist.zip # SHA512 ca80e3bf0e204510223dc7cdad76ab23b60be1fafe3005ca77eea05b3c0bc0c9c64ecc419ef9643fc60f315e10856f379a507b55f523b3791a6f5ccb39da59b4 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.12.x --> **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.12.6...4.12.7> ### [`v4.12.6`](https://github.com/DependencyTrack/frontend/releases/tag/4.12.6) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.12.5...4.12.6) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 118b6fe222bb7192ca15610dd9c0481f055f93b4 frontend-dist.zip # SHA256 d3cb53bccb46f20f735ac8716e147d6e99bf7a028ecb492b63aa3718167595ff frontend-dist.zip # SHA512 e1bded81cdec6808423cd680814d67442e76b72bbc7d7e16d723beaf0d2e3b090b60218fa7717f096679c9aa358c78eea57b590f760ab4e192bc0a2d041b80f6 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.12.x --> #### What's Changed ##### Bug Fixes 🐛 - Backport: Fix policy violation tab indicators being populated incorrectly by [@​nscuro](https://github.com/nscuro) in [#​1172](https://github.com/DependencyTrack/frontend/pull/1172) - Backport: Fix wrong policy violation tab indicator visibility conditions by [@​nscuro](https://github.com/nscuro) in [#​1175](https://github.com/DependencyTrack/frontend/pull/1175) ##### Dependency Updates 🤖 - Bump nginxinc/nginx-unprivileged from 1.27.3-alpine to 1.27.4-alpine by [@​nscuro](https://github.com/nscuro) in [#​1173](https://github.com/DependencyTrack/frontend/pull/1173) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.12.5...4.12.6> ### [`v4.12.5`](https://github.com/DependencyTrack/frontend/releases/tag/4.12.5) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.12.4...4.12.5) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 4be2ae18d5a09116272cf608cf32b9d0cf3550b5 frontend-dist.zip # SHA256 5ddcca1d95fb7fc39110c866ad943353f6515538b3a6408478df8805823e45fa frontend-dist.zip # SHA512 4e13b8a9fd264207744e8cbdc54052dff1839d5ff6240da0d4f7e22f26a11fa04e5fb0d8b9dbc617e26177bfb1e4b073684632ee7d69cdd30faf1bf0af712f16 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.12.x --> **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.12.4...4.12.5> ### [`v4.12.4`](https://github.com/DependencyTrack/frontend/releases/tag/4.12.4) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.12.3...4.12.4) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 182da8ebc1cde3a5ca89db6649afdd19be4f63a4 frontend-dist.zip # SHA256 bf2cb6079d36b113645f4c9dd31441bbcdd188b7a003f05947569007ff9d4713 frontend-dist.zip # SHA512 6be662192358ab143252a9df13b6a19a2b2c4c9e0bbb6d38976e2af91dbeb30bebcc2dc641de825a0deb03ac47d650dfbf37224ef015c4866270f7f4c7f7db2a frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.12.x --> #### What's Changed ##### Bug Fixes 🐛 - Backport: Fix broken ordering by SWID Tag ID in component search view by [@​nscuro](https://github.com/nscuro) in [#​1155](https://github.com/DependencyTrack/frontend/pull/1155) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.12.3...4.12.4> ### [`v4.12.3`](https://github.com/DependencyTrack/frontend/releases/tag/4.12.3) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.12.2...4.12.3) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 40e7690e3194ebf7d047a0058fa6f1d7166505ee frontend-dist.zip # SHA256 40e0d81013f2713c66a7aee661881cac896091a58520c7a020f0515e9c347694 frontend-dist.zip # SHA512 e8a718842ded8d07f24b7bfe50d674b56a10b9bafc39bc4fe98ddf59c0c4440657240dc911494aacd4cbfbc1404dd742322746807c09b77ccd32417570f6c8c8 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.12.x --> #### What's Changed ##### Enhancements 🚀 - Backport: Add buttons to add/delete/edit *Affected Components* of internal vulnerabilities by [@​Gepardgame](https://github.com/Gepardgame) in [#​1113](https://github.com/DependencyTrack/frontend/pull/1113) ##### Bug Fixes 🐛 - Backport: Prefill *Team* input in *Create Project* dialog based on user's team membership by [@​nscuro](https://github.com/nscuro) in [#​1110](https://github.com/DependencyTrack/frontend/pull/1110) - Fix affected projects tab not being updated when switching between vulnerability aliases by [@​sephiroth-j](https://github.com/sephiroth-j) in [#​509](https://github.com/DependencyTrack/frontend/pull/509) - Backport: Bump dompurify from 2.4.9 to 2.5.8 by [@​nscuro](https://github.com/nscuro) in [#​1144](https://github.com/DependencyTrack/frontend/pull/1144) ##### Dependency Updates 🤖 - Bump `nginx-unprivileged` base image to latest digest by [@​nscuro](https://github.com/nscuro) in [#​1149](https://github.com/DependencyTrack/frontend/pull/1149) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.12.2...4.12.3> ### [`v4.12.2`](https://github.com/DependencyTrack/frontend/releases/tag/4.12.2) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.12.1...4.12.2) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 b1e520a4aa0d3a3dc65aa5ab7da93b81c84edf43 frontend-dist.zip # SHA256 0a8790def4abe6ab3c5294928cc816a266c2b746ec39b0c1f140b8a2f4c0ad74 frontend-dist.zip # SHA512 f1ed1206b3dcbc93cb7c671126fdec7172d96a17a72cd62242d2c12379ead81b1aee9497d3c5e66a7c779d385992e50fbc79c183a47b6cc16a2a968ec938313e frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.12.x --> #### What's Changed ##### Enhancements 🚀 - Backport: Improve russian translation by [@​nscuro](https://github.com/nscuro) (original change by [@​WoozyMasta](https://github.com/WoozyMasta)) in [#​1109](https://github.com/DependencyTrack/frontend/pull/1109) ##### Bug Fixes 🐛 - Backport: Fix no error being displayed when submitting an invalid welcome message by [@​nscuro](https://github.com/nscuro) (original change by [@​Gepardgame](https://github.com/Gepardgame)) in [#​1099](https://github.com/DependencyTrack/frontend/pull/1099) - Backport: Fix broken NGINX IPv6 listening by [@​nscuro](https://github.com/nscuro) (original change by [@​rissson](https://github.com/rissson)) in [#​1101](https://github.com/DependencyTrack/frontend/pull/1101) - Backport: Fix tags with special characters breaking the tags table by [@​nscuro](https://github.com/nscuro) in [#​1100](https://github.com/DependencyTrack/frontend/pull/1100) - Backport: Show component properties to users with `VIEW_PORTFOLIO` permission by [@​nscuro](https://github.com/nscuro) (original change by [@​Shortfinga](https://github.com/Shortfinga)) in [#​1102](https://github.com/DependencyTrack/frontend/pull/1102) - Backport: Fix missing URI encoding for vulnerability IDs by [@​nscuro](https://github.com/nscuro) in [#​1103](https://github.com/DependencyTrack/frontend/pull/1103) ##### Dependency Updates 🤖 - Bump nginxinc/nginx-unprivileged to 1.27.3-alpine by [@​nscuro](https://github.com/nscuro) in [#​1108](https://github.com/DependencyTrack/frontend/pull/1108) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.12.1...4.12.2> ### [`v4.12.1`](https://github.com/DependencyTrack/frontend/releases/tag/4.12.1) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.12.0...4.12.1) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 23c991a3540da5fc3c08fbcebc3c1b7bd3801402 frontend-dist.zip # SHA256 22f1a73db7df0340bb6d75042bfeb73ed375fc5659b4d609844763111bea4c81 frontend-dist.zip # SHA512 3b34b2d594434b054fdbe65747a24addabd054ca167d93056a9def14ffe3c06f9ac0822da202370ec017ce748fb74300e63a0571d0792a1f062a83d3141292b2 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at 4.12.x --> #### What's Changed ##### Bug Fixes 🐛 - Backport: Fix state of sidebar not being saved for non-`SNAPSHOT` versions by [@​nscuro](https://github.com/nscuro) (original change by [@​Gepardgame](https://github.com/Gepardgame)) in [#​1044](https://github.com/DependencyTrack/frontend/pull/1044) - Backport: Fix OIDC users not being displayed in Team view by [@​nscuro](https://github.com/nscuro) (original change by [@​Gepardgame](https://github.com/Gepardgame)) in [#​1045](https://github.com/DependencyTrack/frontend/pull/1045) - Backport: Fix creation of multiple projects without reloading page by [@​nscuro](https://github.com/nscuro) (original change by [@​rkg-mm](https://github.com/rkg-mm)) in [#​1046](https://github.com/DependencyTrack/frontend/pull/1046) - Backport: Always display project nodes in dependency graph using name and version by [@​nscuro](https://github.com/nscuro) in [#​1049](https://github.com/DependencyTrack/frontend/pull/1049) - Backport: Fix caching issues upon upgrade by [@​nscuro](https://github.com/nscuro) in [#​1051](https://github.com/DependencyTrack/frontend/pull/1051) - Backport: Fix: "Add Version" Create Button Should Be Inactive Until Version Provided by [@​nscuro](https://github.com/nscuro) (original change by [@​IdrisGit](https://github.com/IdrisGit)) in [#​1052](https://github.com/DependencyTrack/frontend/pull/1052) - Backport: Fix missing URI encoding of tag names by [@​nscuro](https://github.com/nscuro) in [#​1057](https://github.com/DependencyTrack/frontend/pull/1057) - Backport: Fix breadcrumbs navigation being broken for non-english languages by [@​nscuro](https://github.com/nscuro) (original change by [@​IdrisGit](https://github.com/IdrisGit)) in [#​1068](https://github.com/DependencyTrack/frontend/pull/1068) - Backport: Fix NGINX ipv6 listening by [@​nscuro](https://github.com/nscuro) (original change by [@​rissson](https://github.com/rissson)) in [#​1069](https://github.com/DependencyTrack/frontend/pull/1069) ##### Dependency Updates 🤖 - Bump nginxinc/nginx-unprivileged to 1.27.2-alpine by [@​nscuro](https://github.com/nscuro) in [#​1074](https://github.com/DependencyTrack/frontend/pull/1074) ##### Other Changes - Backport: Add `.gitattributes` to fix prettier behavior on Windows by [@​nscuro](https://github.com/nscuro) in [#​1043](https://github.com/DependencyTrack/frontend/pull/1043) **Full Changelog**: <https://github.com/DependencyTrack/frontend/compare/4.12.0...4.12.1> ### [`v4.12.0`](https://github.com/DependencyTrack/frontend/releases/tag/4.12.0) [Compare Source](https://github.com/DependencyTrack/frontend/compare/4.11.7...4.12.0) ##### Dependency Track Frontend For official releases, refer to [Dependency Track Docs >> Changelogs](https://docs.dependencytrack.org/changelog/) for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone. ```text # SHA1 312dd2186deb81e50da00f2d42888711352f7853 frontend-dist.zip # SHA256 589eb0aae9a3fbdfde4bdd4dda000a2fb6e08a27e66a52ef9b17c1eaa022d46e frontend-dist.zip # SHA512 98f5391fbae0135f64ac66587709d467e0b0f3ec489e50f2360a9194973caa0a7c709105fd9df24a07244ebf7cac1d39c6c82170e041440efa9bb2a86870fee0 frontend-dist.zip ``` <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed ##### Enhancements 🚀 - Distinguish Between Active And Inactive Project Versions by [@​aravindparappil46](https://github.com/aravindparappil46) in [#​862](https://github.com/DependencyTrack/frontend/pull/862) - Improve Japanese translation by [@​tiwatsuka](https://github.com/tiwatsuka) in [#​868](https://github.com/DependencyTrack/frontend/pull/868) - Add database name and version to About dialog by [@​nscuro](https://github.com/nscuro) in [#​870](https://github.com/DependencyTrack/frontend/pull/870) - Show Badge For Inactive Projects by [@​aravindparappil46](https://github.com/aravindparappil46) in [#​872](https://gi…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps aquasecurity/trivy-action from 0.33.1 to 0.34.0.
Release notes
Sourced from aquasecurity/trivy-action's releases.
Commits
c1824fdchore(deps): Update trivy to v0.69.1 (#506)bc61dc5Merge commit from fork5eb7ef2ci: use checks bundle v2 in sync workflow (#505)22438a4Merge pull request #496 from aquasecurity/bump-trivy-17654310740024b3fchore(deps): Update trivy to v0.68.183690f7ci: install trivy in bump-trivy workflow and update tests (#495)df65449chore: update README (#493)0317097ci: use setup-bats in bump-trivy workflow (#494)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.