Dependency-Track logov4.11

This release fixes various defects in the API server.
There are no changes for the frontend, the latest version of it remains 4.10.0.

NVD Data Feed Retirement Update:

The NVD has announced that retirement of the legacy data feeds has been delayed until further notice. Dependency-Track users who:

can safely continue consuming the legacy feeds, or switch back to it.


For a complete list of changes, refer to the respective GitHub milestones:

We thank all organizations and individuals who contributed to this release, from logging issues to taking part in discussions on GitHub & Slack to testing of fixes.

Special thanks to everyone who contributed code to implement enhancements and fix defects:

dependency-track-apiserver.jar #
Algorithm Checksum
SHA-1 1d728ce1788e5db8b3a9308338a9e7e8ab5af12e
SHA-256 e30731cd1915d3a1578cf5d8c8596d247fb11a82a3fe4c1ba2fb9fad01667aef
dependency-track-bundled.jar #
Algorithm Checksum
SHA-1 be32e1bc64d0b9b8019e340717d4ae3c12442ecd
SHA-256 ffa0ab6dc9be894d0887ca3e10c4ffe3a333305d98de940413fcdbb05e2bcebd
Software Bill of Materials (SBOM) #