Changes for page Dependency-Track
Last modified by Milad Afshar-Jahanshahi on 2025/09/03 14:31
From version 33.2
edited by Milad Afshar-Jahanshahi
on 2025/09/03 12:56
on 2025/09/03 12:56
Change comment:
There is no comment for this version
To version 25.2
edited by Milad Afshar-Jahanshahi
on 2025/09/03 09:14
on 2025/09/03 09:14
Change comment:
Edited comment
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -1,12 +1,10 @@ 1 - STILL UNDER CONSTRUCTION1 +{{toc/}} 2 2 3 3 [[image:logo-dependency-track.YzQAjtqS_Z2pMQkR.webp||alt="Grafana Icon Logo PNG vector in SVG, PDF, AI, CDR format" data-xwiki-image-style-alignment="end" height="52" width="190"]] 4 4 5 -{{toc/}} 6 - 7 7 = Introduction = 8 8 9 -Dependency-Track is an open-source SoftwareCompositionAnalysis (SCA) toolthat helps organizations manage and secure their software supply chain. Itautomatically generates and maintains aSoftwareBill ofMaterials (SBOM) for projects,continuouslymonitoringdependencies for known vulnerabilities. Inaddition,ittracks license compliance of open-source components,giving teams greatervisibility and control.Byintegratingseamlessly into DevOpsandCI/CD pipelines,Dependency-Track makesit easier to embed security throughout thedevelopmentifecycle.7 +Dependency-Track is an open-source software composition analysis (SCA) tool. It creates and manages a software bill of materials (SBOM) for projects. The tool continuously checks dependencies for known vulnerabilities. It also tracks license compliance of open-source components. Teams gain visibility and control over their software supply chain. Helps integrate security into DevOps/CI-CD pipelines efficiently. 10 10 11 11 [[Vendor Page>>https://dependencytrack.org/]] 12 12 ... ... @@ -20,8 +20,6 @@ 20 20 21 21 = Accessing Dependency-Track = 22 22 23 -Dependency-Track is integrated into the DevOps-as-a-Service toolchain, but for now it’s only offered in the Pilotkunden Preview. To get started, a few prerequisites need to be in place. 24 - 25 25 == Preconditions in DevOps portal to access Dependency-Track == 26 26 27 27 1. A Dependency-Track license must be assigned to the user ... ... @@ -30,9 +30,11 @@ 30 30 (% class="box warningmessage" %) 31 31 ((( 32 32 ⚠ **Note** 33 - Unlikeothertools,loginisonlypossibleif theuserhasa validlicenseand isassigneda rolein atleastone Dependency-Trackproject.29 +Im Gegensatz zu anderen Tools ist ein Login nur dann möglich, wenn der User eine Lizenz hat und in mindestens einem DepTrack Projekt eine Rolle hat 34 34 ))) 35 35 32 + 33 + 36 36 After completing the preconditions, a project in Dependency-Track, which is part of the DevOps-as-a-Service toolchain, can be accessed via the DevOps Portal or directly through a URL. 37 37 38 38 == Via DevOps Portal == ... ... @@ -56,16 +56,6 @@ 56 56 If you are not already logged in to another tool in the toolchain or the DevOps portal, then you have to login using your configured SSO credentials. 57 57 58 58 59 - 60 -== Dependency-Track Jenkins Interaction == 61 - 62 -Nur sdcPipeline() wird unterstützt, nur maven (bisher), alles automatisch 63 - 64 - 65 -== Collection Project und Unterprojekte == 66 - 67 -TODO 68 - 69 69 = Users, Projects and Roles = 70 70 71 71 * Projects, users and their roles in projects are managed in the DevOps Portal, the corresponding functions in Dependency-Track are disabled (UI and API)