Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

appsec bill-of-materials bom component-analysis cyclonedx devsecops hacktoberfest nvd ossindex owasp package-url purl sbom sca security security-automation software-composition-analysis software-security vulnerabilities vulnerability-detection
35 Open Issues Need Help Last updated: Jul 3, 2026

Open Issues Need Help

View All on GitHub
enhancement help wanted spike / research

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement p2 good first issue access control size/S

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
defect p2 good first issue api docs size/S api-inconsistency

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement p3 good first issue cdx-1.6 size/S hacktoberfest

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p2

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement p3 good first issue

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
defect p2 good first issue size/S hacktoberfest

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement p3 good first issue size/M

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p2

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
Fine Grained ACL about 1 month ago
help wanted p2 size/XL

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p3 size/M

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p2 size/L

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted integration/defectdojo

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p2 size/XL

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
defect p2 good first issue documentation

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement p3 good first issue size/M

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p2 cdx-1.3 needs milestone

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement p3 good first issue size/S

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted on hold p2

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement p2 good first issue integration/github size/S

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
defect p2 good first issue api docs size/S api-inconsistency

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
defect help wanted in triage integration/trivy

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p2 integration/msteams size/M

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
help wanted spike / research size/L

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
defect p2 good first issue size/S integration/jira

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p2 size/M

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
defect p3 good first issue size/S hacktoberfest

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
defect p2 good first issue size/S

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement p2 good first issue size/S

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
enhancement help wanted p2 good first issue size/S

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection