Skip to Content

Changes for page Dependency-Track

Last modified by Milad Afshar-Jahanshahi on 2025/09/03 14:31
From version 23.1
edited by Milad Afshar-Jahanshahi
on 2025/09/03 08:48
Change comment: There is no comment for this version
To version 29.1
edited by Milad Afshar-Jahanshahi
on 2025/09/03 09:26
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -1,7 +3,7 @@
1 -{{toc/}}
2 -
3 3  [[image:logo-dependency-track.YzQAjtqS_Z2pMQkR.webp||alt="Grafana Icon Logo PNG vector in SVG, PDF, AI, CDR format" data-xwiki-image-style-alignment="end" height="52" width="190"]]
4 4  
3 +{{toc/}}
4 +
5 5  = Introduction =
6 6  
7 7  Dependency-Track is an open-source software composition analysis (SCA) tool. It creates and manages a software bill of materials (SBOM) for projects. The tool continuously checks dependencies for known vulnerabilities. It also tracks license compliance of open-source components. Teams gain visibility and control over their software supply chain. Helps integrate security into DevOps/CI-CD pipelines efficiently.
... ... @@ -18,11 +18,28 @@
18 18  
19 19  = Accessing Dependency-Track =
20 20  
21 +(% class="box warningmessage" %)
22 +(((
23 +Pilotkunden Preview ist
24 +)))
25 +
21 21  == Preconditions in DevOps portal to access Dependency-Track ==
22 22  
23 23  1. A Dependency-Track license must be assigned to the user
24 24  1. Dependency-Track must be added to the tool list of the project
25 25  
31 +(% class="box warningmessage" %)
32 +(((
33 +⚠ **Note**
34 +Im Gegensatz zu anderen Tools ist ein Login nur dann möglich, wenn der User eine Lizenz hat und in mindestens einem DepTrack Projekt eine Rolle hat
35 +)))
36 +
37 +
38 +
39 +
40 +
41 +
42 +
26 26  After completing the preconditions, a project in Dependency-Track, which is part of the DevOps-as-a-Service toolchain, can be accessed via the DevOps Portal or directly through a URL.
27 27  
28 28  == Via DevOps Portal ==
... ... @@ -31,9 +31,12 @@
31 31  
32 32  [[image:deptrack.png||alt="Deptrack -Tile" data-xwiki-image-style-border="true" height="211" width="459"]]
33 33  
51 +(% class="box warningmessage" %)
52 +(((
34 34  ⚠ **Note**
35 35  If you are still unable to access your project in Dependency-Track, it may be because you are logged in with an old session that still uses outdated permissions or To resolve this issue, please log out and then log in again:
36 36  \\[[image:login1.png||alt="Untitled2.png" height="250" width="600"]]
56 +)))
37 37  
38 38  == Via Direct URL ==
39 39  
... ... @@ -42,10 +42,17 @@
42 42  
43 43  If you are not already logged in to another tool in the toolchain or the DevOps portal, then you have to login using your configured SSO credentials.
44 44  
45 -⚠ **Note**
46 -Access to the main wiki at [[https:~~/~~/<customer~>.devops.t-systems.net/xwiki>>https://<customer>.devops.t-systems.net/xwiki]] is forbidden due to security restrictions and therefore this page cannot be viewed.
47 -
48 48  
66 +
67 +== Dependency-Track Jenkins Interaction ==
68 +
69 +Nur sdcPipeline() wird unterstützt, nur maven (bisher), alles automatisch
70 +
71 +
72 +== Collection Project und Unterprojekte ==
73 +
74 +TODO
75 +
49 49  = Users, Projects and Roles =
50 50  
51 51  * Projects, users and their roles in projects are managed in the DevOps Portal, the corresponding functions in Dependency-Track are disabled (UI and API)
... ... @@ -56,7 +56,7 @@
56 56  * When Dependency-Track is added as a tool to an existing or new project, a corresponding subwiki is automatically created. Users assigned to the project in the DevOps Portal are then added to the subwiki with the roles defined in the configuration : 
57 57  ** Role mapping: (((
58 58  |=Project Role in DevOps Portal|=Permissions in XWiki
59 -|Admin|View, comment, edit, and delete pages
86 +|Admin| POLICY_VIOLATION_ANALYSIS,''VIEW_POLICY_VIOLATION,''VIEW_PORTFOLIO,'VIEW_VULNERABILITY,''VULNERABILITY_ANALYSIS'
60 60  |Master|(% colspan="1" %)Can view, comment, and edit pages, but cannot delete content
61 61  |Developer|(% colspan="1" %)Similar to Master
62 62  |Viewer|Read-only access. Can only view content, no edits or comments allowed
... ... @@ -66,7 +66,7 @@
66 66  
67 67  = Main Features =
68 68  
69 -Inside DevOps-as-a-Service, XWiki is mainly used for writing specifications and documentations. See below for a list of the main features of XWiki.
96 +Inside DevOps-as-a-Service, deptrack is mainly used for writing specifications and documentations. See below for a list of the main features of XWiki.
70 70  
71 71  == Collaborative Content Editing ==
72 72  
XWiki.XWikiComments[0]
Comment
... ... @@ -2,9 +2,9 @@
2 2  
3 3  Optionales Tool: aktivieren als Project Admin für das Projekt, zuweisen von Lizenzen als Portal Admin an die entsprechenden User
4 4  
5 -Im Gegensatz zu anderen Tools ist ein Login nur dann möglich, wenn der User eine Lizenz hat und in mindestens einem DepTrack Projekt eine Rolle hat
5 +Im Gegensatz zu anderen Tools ist ein Login nur dann möglich, wenn der User eine Lizenz hat und in mindestens einem DepTrack Projekt eine Rolle hat  ~-~-> Done
6 6  
7 -Dashboard -> DepTrack Login Seite
7 +Dashboard -> DepTrack Login Seite  ~-~-> DOne
8 8  
9 9  Pilotkunden Preview ist
10 10  
© 2018-2025 T-Systems International GmbH