You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Components screen allows one to search the portfolio for components using purl, GAV, etc.
Each search results is displayed with its' own dependency graph icon.. a link to the graph for that occurrence of the component (ie, different projects will give different graphs). The caveat is that the icon will not display at all when there is no graph available (eg, where SBOM was older CycloneDX, such as v1.2).
The links are working in DT v4.12.3 and not working in v4.13.0-SNAPSHOT (Affects 7th Feb 2025 build and builds for at least a week prior). In v4.13.0-SNAPSHOT the links give an HTTP 403 error. This was when logged in as an admin user with all 14 permissions enabled.
As per the screenshot, the error is only seen in context of the /components screen. Clicking on the graph icon for a component in the "components" tab for a project works just fine.
Steps to Reproduce
Login to v4.12.x as admin user
Navigate to /components screen
Perform a search that returns at least one result that displays a graph icon
Click on graph icon an confirm that graph displays correctly
Now repeat steps 1-4 for v4.13.0-SNAPSHOT
Expected Behavior
Dependency Graph for component should display correctly. There should not be an HTTP 403 (access denied) error.
Current Behavior
The Components screen allows one to search the portfolio for components using purl, GAV, etc.
Each search results is displayed with its' own dependency graph icon.. a link to the graph for that occurrence of the component (ie, different projects will give different graphs). The caveat is that the icon will not display at all when there is no graph available (eg, where SBOM was older CycloneDX, such as v1.2).
The links are working in DT v4.12.3 and not working in v4.13.0-SNAPSHOT (Affects 7th Feb 2025 build and builds for at least a week prior). In v4.13.0-SNAPSHOT the links give an HTTP 403 error. This was when logged in as an admin user with all 14 permissions enabled.
As per the screenshot, the error is only seen in context of the
/componentsscreen. Clicking on the graph icon for a component in the "components" tab for a project works just fine.Steps to Reproduce
/componentsscreenExpected Behavior
Dependency Graph for component should display correctly. There should not be an HTTP 403 (access denied) error.
Dependency-Track Frontend Version
4.13.0-SNAPSHOT
Browser
Mozilla Firefox
Browser Version
135.0
Operating System
Windows
Checklist
The text was updated successfully, but these errors were encountered: