Dependency-Track logov4.11

Dependency-Track supports badges in Scalable Vector Graphics (SVG) format. Support for badges is a globally configurable option and is disabled by default.

Enabling badge support will provide vulnerability and policy violation metric information to unauthenticated users. Any anonymous user with network access to Dependency-Track and knowledge of a projects information will be able to view the SVG badge.

In all following examples, replace {name}, {version}, and {uuid} with their respective values.

Vulnerable components #

Create a badge for vulnerable components of the project. It either shows:


Suppressed vulnerabilities are not included in the count, so a project with only suppressed vulnerabilities will show a “no vulns” badge. SVG badges may be retrieved using either the UUID of the project, or the combination of a projects name and version.

Examples #{name}/{version}{uuid}

Policy violations #

Create a badge for policy violations of the project. It either shows:


Suppressed violations are not included in the count, so a project with only suppressed violations will show a “no violations” badge. SVG badges may be retrieved using either the UUID of the project, or the combination of a projects name and version.

Examples #{name}/{version}{uuid}

Embedding #

You can embed the badges in other documents. It allows you to display a badge in your README for example.

HTML Examples #

<img src="{name}/{version}">
<img src="{uuid}">
<img src="{name}/{version}">
<img src="{uuid}">

Markdown Examples #

![alt text]({name}/{version})
![alt text]({uuid})
![alt text]({name}/{version})
![alt text]({uuid})