Releases · jenkinsci/dependency-track-plugin · GitHub

20 Aug 19:06

v6.0.2 Latest

Latest

⚠ Breaking

⭐ New Features

🐞 Bugs Fixed

The list of projects in the select box did not show all available projects.
Policy violations were limited to 100 (#345)
The publishing step may get stuck when reading the BOM (#336)

Assets 3

23 Mar 19:04

sephiroth-j

v6.0.1

⚠ Breaking

⭐ New Features

🐞 Bugs Fixed

avoid "JSON Payload Too Large" error (#313)

Assets 3

18 Jan 14:50

sephiroth-j

v6.0.0

⚠ Breaking

require Jenkins 2.479.1 or newer
require Java 17 or newer (required since Jenkins 2.479.1)
require Dependency-Track 4.12 or newer (#286)

⭐ New Features

Support "isLatest" flag (#286)

Assets 3

08 Dec 16:40

sephiroth-j

v5.2.0

⚠ Breaking

⭐ New Features

Support variables in project properties (JENKINS-74822)

🐞 Bugs Fixed

Assets 3

20 Sep 16:21

v5.1.0

⚠ Breaking

⭐ New Features

Support for specifying the parent project using its name and version as an alternative to its ID (#261)
Include artifact name in Publishing Logline (#264)
Support for Policy Violations (#130)

🐞 Bugs Fixed

Assets 3

30 May 17:58

sephiroth-j

v5.0.0

⚠ Breaking

require Jenkins 2.440.1 or newer
require Java 11 or newer (required since Jenkins 2.361.1)
require Dependency-Track 4.9 or newer
New findings are only evaluated from the second build onwards (#113)

⭐ New Features

Allow overrideGlobals to override global timeout and interval settings (#182)
Use the proxy that is configured in Jenkins (#181)
Support threshold for unassigned findings (#158)
Supports HTTP/2
In the event of an unexpected exception, each call to Dependency-Track is retried within an uniformly distributed, randomly generated period in the range of 50-500ms.
A warning is emitted when threshold values are configured but synchronous mode is disabled.
Add Support for Identification of Aliases ... by ignoring them (#168)

🐞 Bugs Fixed

The settings for the threshold values are now only visible when synchronous mode is enabled. This will hopefully avoid misunderstandings/misconfigurations.

Assets 2

12 Apr 19:08

sephiroth-j

v4.3.1

⚠ Breaking

⭐ New Features

🐞 Bugs Fixed

Remove usages of l:css (#160)

Assets 2

20 Feb 19:03

sephiroth-j

v4.3.0

⚠ Breaking

⭐ New Features

Added support for parent-child-relationships of projects with Dependency-Track v4.7 and newer (fixes #139)

🐞 Bugs Fixed

Searching on the result page was partially broken due to a bug in bootstrap-vue 2.22+

Assets 2

04 Jul 19:05

sephiroth-j

v4.2.0

⚠ Breaking

⭐ New Features

The connection test will also check server-side permissions for Dependency-Track v4.4 and newer (fixes #13)

🐞 Bugs Fixed

classic jobs with sync mode and no project ID used the looked-up ID in future runs, although they should not (fixes #98)
When using "New Findings" thresholds, the plugin is now looking for the latest succesful build with a report instead of just the previous build with the report. (PR #106)

Contributors

@lsoumille

Contributors

lsoumille

Assets 2

06 Mar 22:16

sephiroth-j

v4.1.1

⚠ Breaking

⭐ New Features

🐞 Bugs Fixed

The options "Dependency-Track project name" and "Dependency-Track project version" were only visible after saving and reloading the configuration page, although the global configuration "Auto Create projects" was set.
Fixed an issue with "Dependency-Track project" in classic (freestyle) jobs and Jenkins 2.319 LTS that caused the value to be "null" instead of empty, resulting in upload errors. Affected users should edit and save the job after updating to this plugin version.

Assets 2