Roland Asmann
Roland Asmann
We are trying to generate BOMs for our Android projects and I am having a hell of a time. After finally figuring out all configs that I have to skip...
Analyzing CocoaPods uses `pod spec which` to find the location of a podspec file. Unfortunately CP only resolved the path if the pod is known in (one of) its repositories....
I've been working on some issues for [cdxgen](https://github.com/CycloneDX/cdxgen) with generating Gradle purls for projects. My issue is that Gradle prefixes project names with a ':', which should imho not be...
### Current Behavior When exporting an SBOM for a project and then trying to import it again, DT gives an exception that the Schema validation failed. ### Steps to Reproduce...
I just started using nomn and nmonchart on my Linux systems and wanted to add my Macs as well. That's how I found this repo. Now, I would like to...
### Current Behavior Some of the components in our projects don't have their license set, so we set those manually to fulfill our companies policies. However, after running another import,...
### Current Behavior When DT sends a mail about vulnerable dependencies or new vulnerabilities, all references to this project use the purl of the root component instead of the actual...
### Current Behavior Currently notifications can only be limited to projects. This means that any new project has to be added in the notification manually (unless no limits are set...
### Current Behavior We have a project that uses React Native, where the base dependencies are NPM. Inside them are Gradle and CocoaPods modules which are referenced inside the respective...
We are using Expo & React Native to build apps. We've been generating and importing our SBOMs for some time and kept finding it strange that Dependency-Track never showed any...