dependency-track

Update docker.io/dependencytrack/apiserver Docker tag to v4.12.2

Michi Kofler-Häusler

07 Dec 2024 — 2 min read

Photo by Ben Hershey / Unsplash

No problems upgrading the backend Docker container with a Docker compose yaml file within Portainer and by means of Portainer DevOps resp. GitOps with dependency update facilitated by Mend's Renovate Bot.

This MR contains the following updates:

Package	Update	Change
docker.io/dependencytrack/apiserver (source)	patch	`4.12.1` -> `4.12.2`

Release Notes

DependencyTrack/dependency-track (docker.io/dependencytrack/apiserver)

`v4.12.2`

For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.
If additional details are required, consult the closed issues for this release milestone.


### SHA1
114d6a9f8b87a307be324f155daf3454dcc269bb  dependency-track-apiserver.jar
a15db1b85d0ac29977724deb3f9a65428c929d39  dependency-track-bundled.jar

### SHA256
ef6bb4ce3ebea410b620a91cf8347ab1e95c32b3f166103c749ece97f4098591  dependency-track-apiserver.jar
a8aba7cd926de3deeea31290be830ee90282128f1820fddde3ec8b346bba1bdd  dependency-track-bundled.jar

### SHA512
c2fc89377de194af70dab631b2f385f9e9cac93b140916e795a4b43bf7f3d7091ef64b64614bc1935282f23d9f7e3ba40dc41d2c98fa33167d62b409f75c79d8  dependency-track-apiserver.jar
684666c5b5456609d4694c5ce8b793bf64a49b77219784954ec6d5a6abe38895a2637f3644ca9197061fdc4e4ba203e3699849b656730d5eb52649a11cb685bb  dependency-track-bundled.jar

What's Changed

Enhancements 🚀

Backport: Reduce memory usage of metrics update tasks by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4377

Bug Fixes 🐛

Backport: Fix CPE matching for NVD mirroring via REST API by @nscuro (original change by @calderonth) in https://github.com/DependencyTrack/dependency-track/pull/4378
Backport: Fix incorrect CWE schema in OpenAPI spec by @nscuro (original change by @fupgang) in https://github.com/DependencyTrack/dependency-track/pull/4379
Backport: Fix NullPointerException when fetching findings by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4380
Backport: Fix policy evaluation not happening upon creation or update of individual components by @nscuro (original change by @fupgang) in https://github.com/DependencyTrack/dependency-track/pull/4381
Backport: Fix nullable metrics fields having getters of primitive type by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4382
Backport: Fix Trivy analyzer vulnerability matching for Go packages by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4395
Backport: Move GHSA notification logic outside recursion by @nscuro (original change by @antoinbo) in https://github.com/DependencyTrack/dependency-track/pull/4417
Backport: Add cyclonedx json media type when exporting components by @nscuro (original change by @wratner) in https://github.com/DependencyTrack/dependency-track/pull/4420
Backport: Fix NPE when cloning projects with broken dependency graph by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4419
Backport: Fix project.active being nullable by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4418
Fix incompatibility of swagger-core with newer jackson-databind versions by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4442

Dependency Updates 🤖

Backport: Bump Alpine to 3.1.2 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4436
Backport: Bump bundled frontend to 4.12.2 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4441

Other Changes

Add changelog for v4.12.2 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/4439

Full Changelog: https://github.com/DependencyTrack/dependency-track/compare/4.12.1...4.12.2

Read more

Update ghcr.io/home-assistant/home-assistant Docker tag to v2025

Update ghcr.io/home-assistant/home-assistant Docker tag to v2025

No problems deploying Home Assistant major version to Proxmox VE K3s Kubernetes cluster via Helm Chart and Flux V2 reconciliation in a GitOps approach with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change ghcr.io/home-assistant/home-assistant (source) major 2024.

Update Helm release kube-prometheus-stack to v67.9.0

Update Helm release kube-prometheus-stack to v67.9.0

No problems deploying Prometheus Helm chart to Proxmox VE K3s Kubernetes cluster via Helm Chart and Flux V2 reconciliation in a GitOps approach with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change kube-prometheus-stack (source) minor 67.8.0 ->

Update Helm release oauth2-proxy to v7.9.2

Update Helm release oauth2-proxy to v7.9.2

No problems deploying to Proxmox VE K3s Kubernetes cluster via Helm Chart and Flux V2 reconciliation in a GitOps approach with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change oauth2-proxy (source) patch 7.9.0 -> 7.9.2

Update docker.io/sonatype/nexus3 Docker tag to v3.76.0

Update docker.io/sonatype/nexus3 Docker tag to v3.76.0

Minor upgrade to Docker container executed successfully by means of Watchtower infrastructure with dependency update facilitated by Mend's Renovate Bot. This MR contains the following updates: Package Update Change docker.io/sonatype/nexus3 (changelog) minor 3.75.1-alpine -> 3.76.0-alpine

Me on Mastodon - This link is here for verification purposes.