This release fixes a defect in the caching of vulnerability analysis results from external sources.
There are no changes for the frontend, the latest version of it remains 4.6.1.
Fixes:
- Resolved a defect that caused the component analysis cache validity period to be too short - #2115
Upgrade Notes:
- The value of the
scanner.analysis.cache.validity.period
configuration property will be reset to 12 hours during the automated upgrade. No manual actions are required.
For a complete list of changes, refer to the respective GitHub milestones:
dependency-track-apiserver.jar
Algorithm | Checksum |
---|---|
SHA-1 | 68b806410c2e68fe8c586b93044f29a648f96466 |
SHA-256 | d9b5337419addee26658da8e421f0286aaa92160b8f6f85caca83aa1a328611f |
dependency-track-bundled.jar
Algorithm | Checksum |
---|---|
SHA-1 | ac2a60bc8fedad714fa55c2aaad44533fa2086d7 |
SHA-256 | 1229681b5d1dc399ec662946969f7ef225bc7e6381861d8eb35e31d431b25714 |
Software Bill of Materials (SBOM)
- API Server: bom.json