Composer Repository Vulnerability Mirroring #1130

Draft
wants to merge 20 commits into
base: master
1 change: 1 addition & 0 deletions package-lock.json


Binary file added src/assets/img/composer-logo.png
8 changes: 8 additions & 0 deletions src/assets/scss/_custom.scss
Expand Up @@ -137,6 +137,14 @@ html {
background-color: #EBE5A8;
border: 1px solid #DCD167;
}
.label-source-drupal {
background-color: hsl(120, 75%, 39%);
border: 1px solid #06785a;
}
.label-source-composer {
background-color: hsl(305, 43%, 51%);
border: 1px solid #7b3566;
}
.label-source-unknown {
background-color: $severity-unassigned;
border: 1px solid $grey-900;
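Review bot: In `.label-source-drupal` and `.label-source-composer` the background is an `hsl()` literal and the border a hex literal, while the neighbouring `.label-source-unknown` takes both values from variables (`$severity-unassigned`, `$grey-900`). Consider defining the two source colours as SCSS variables in one notation so the labels can be re-themed in a single place.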
10 changes: 10 additions & 0 deletions src/i18n/locales/de.json
Expand Up @@ -52,6 +52,8 @@
"change_password_next_login": "Der Benutzer muss bei der nächsten Anmeldung sein Passwort ändern",
"clone_template": "Vorlage klonen",
"composer": "Composer",
"composer_advisories": "Komponisten -Ratschläge (Beta)",
"composer_repositories": "Komponisten -Repositories",
"configuration": "Konfiguration",
"configuration_saved": "Konfiguration gespeichert",
"configuration_test": "Konfigurationstest",
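Review bot: `composer_advisories` and `composer_repositories` render the product name as "Komponisten" (a music composer), while the existing `composer` key directly above keeps "Composer". Keep the product name untranslated, drop the space before the hyphen in "Komponisten -Ratschläge", and use the spelling "Repositorys" that the existing `repositories` string in this file uses.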
Expand Down Expand Up @@ -79,10 +81,12 @@
"delete_team": "Team löschen",
"delete_template": "Vorlage löschen",
"delete_user": "Benutzer löschen",
"description": "Beschreibung",
"destination": "Ziel",
"disabled": "Deaktiviert",
"disabled_for_tags": "Deaktiviert für Tags",
"distinguished_name": "Distinguished Name",
"documentation": "Dokumentation",
"edit_api_key_comment": "Kommentar zum API-Schlüssel bearbeiten",
"email": "E-Mail",
"email_address": "E-Mail-Adresse",
Expand Down Expand Up @@ -208,6 +212,10 @@
"reindex_vulnerable_software": "Anfällige Software",
"remove_api_key": "remove_api_key",
"repositories": "Repositorys",
"repository_advisory_alias_sync_enabled": "Aktivieren Sie die Synchronisierung des Sicherheitshinweis-Alias",
"repository_advisory_alias_sync_toggle": "Aktivieren Sie die Alias ​​-Synchronisation von Sicherheitsberatungen",
"repository_advisory_mirroring_enabled": "Beratungssynchronisation",
"repository_advisory_mirroring_toggle": "Aktivieren Sie die Spiegelung von Sicherheitsanwälten (Beta)",
"repository_authentication": "Authentifizierung erforderlich",
"repository_created": "Repository erstellt",
"repository_deleted": "Repository gelöscht",
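Review bot: `repository_advisory_mirroring_toggle` uses "Sicherheitsanwälten", which means security lawyers, not security advisories; the existing GHSA description in this file uses "Sicherheitshinweise". Also, `repository_advisory_alias_sync_enabled` is a short label in en.json ("Alias Sync") but a full imperative sentence here that nearly duplicates the `_toggle` string, and the `_toggle` string has stray whitespace before the hyphen in "Alias -Synchronisation".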
Expand Down Expand Up @@ -269,6 +277,8 @@
"vulndb": "VulnDB",
"vulnsource_alias_sync_enable": "Synchronisierung von Schwachstellenaliasen aktivieren",
"vulnsource_alias_sync_enable_tooltip": "Alias-Daten können dabei helfen, identische Schwachstellen in mehreren Datenbanken zu identifizieren. Wenn die Quelle diese Daten bereitstellt, synchronisieren Sie sie mit der Datenbank von Dependency-Track.",
"vulnsource_composer_advisories_desc": "Das Komponist -Ökosystem bietet Sicherheitsberatungen über seine Komponisten -Repositorys an. \nBeispiele sind https://packagist.org und https://packages.drupal.org/8. \nDiese Sicherheitsanwälte werden vom Komponisten verwendet, um den Befehl Composer Audit bereitzustellen.",
"vulnsource_composer_to_enable": "Die Komponisten -Beratungsspiegelung kann für ein Repository über seine Konfiguration aktiviert werden:",
"vulnsource_github_advisories_desc": "GitHub Advisories (GHSA) ist eine Datenbank mit CVEs und von GitHub stammenden Sicherheitshinweisen, die die Open-Source-Welt betreffen. Dependency-Track integriert sich in GHSA, indem Hinweise über die öffentliche GraphQL-API von GitHub gespiegelt werden. Der Spiegel wird täglich oder beim Neustart der Dependency-Track-Instanz aktualisiert. Zur Authentifizierung bei GitHub ist ein persönlicher Zugriffstoken (PAT) erforderlich, ihm müssen jedoch keine Bereiche zugewiesen werden.",
"vulnsource_github_advisories_enable": "GitHub Advisory-Spiegelung aktivieren",
"vulnsource_nvd_desc": "Die National Vulnerability Database (NVD) ist die größte öffentlich zugängliche Quelle für Informationen zu Schwachstellen. Sie wird von einer Gruppe innerhalb des National Institute of Standards and Technology (NIST) gepflegt und basiert auf der Arbeit von MITRE und anderen. Schwachstellen in der NVD werden Common Vulnerabilities and Exposures (CVE) genannt. In der NVD sind über 100.000 CVEs dokumentiert, die von den 1990er Jahren bis heute reichen.",
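Review bot: `vulnsource_composer_advisories_desc` translates the literal command `composer audit` as "Befehl Composer Audit" and the product name as "Komponist", and again uses "Sicherheitsanwälte" for advisories. Keep `composer audit` and "Composer" verbatim and use "Sicherheitshinweise". The string also embeds `\n` line breaks that the en.json source does not have; drop them unless the component is meant to render them.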
10 changes: 10 additions & 0 deletions src/i18n/locales/en.json
Expand Up @@ -52,6 +52,8 @@
"change_password_next_login": "User must change password at next login",
"clone_template": "Clone Template",
"composer": "Composer",
"composer_advisories": "Composer Advisories (Beta)",
"composer_repositories": "Composer Repositories",
"configuration": "Configuration",
"configuration_saved": "Configuration saved",
"configuration_test": "Configuration Test",
Expand Down Expand Up @@ -79,10 +81,12 @@
"delete_team": "Delete Team",
"delete_template": "Delete Template",
"delete_user": "Delete User",
"description": "Description",
"destination": "Destination",
"disabled": "Disabled",
"disabled_for_tags": "Disabled for tags",
"distinguished_name": "Distinguished name",
"documentation": "Documentation",
"edit_api_key_comment": "Edit API Key Comment",
"email": "Email",
"email_address": "Email address",
Expand Down Expand Up @@ -208,6 +212,10 @@
"reindex_vulnerable_software": "Vulnerable software",
"remove_api_key": "Remove API Key",
"repositories": "Repositories",
"repository_advisory_alias_sync_enabled": "Alias Sync",
"repository_advisory_alias_sync_toggle": "Enable Security Advisory alias synchronization",
"repository_advisory_mirroring_enabled": "Advisory Sync",
"repository_advisory_mirroring_toggle": "Enable mirroring of Security Advisories (Beta)",
"repository_authentication": "Authentication required",
"repository_created": "Repository created",
"repository_deleted": "Repository deleted",
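Review bot: The four `repository_advisory_*` strings use two terms for one feature: the label for `repository_advisory_mirroring_enabled` is "Advisory Sync" while its toggle says "Enable mirroring of Security Advisories (Beta)". The other sources in this file use "mirroring" (`vulnsource_github_advisories_enable`), so "Advisory Mirroring" would match the key name and the toggle. The "(Beta)" marker is also only on the mirroring toggle, not on the alias sync toggle that depends on it.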
Expand Down Expand Up @@ -269,6 +277,8 @@
"vulndb": "VulnDB",
"vulnsource_alias_sync_enable": "Enable vulnerability alias synchronization",
"vulnsource_alias_sync_enable_tooltip": "Alias data can help in identifying identical vulnerabilities across multiple databases. If the source provides this data, synchronize it with Dependency-Track's database.",
"vulnsource_composer_advisories_desc": "The Composer ecosystem provides security advisories via its Composer repositories. Examples are https://packagist.org and https://packages.drupal.org/8. These security advisories are used by Composer to provide the composer audit command.",
"vulnsource_composer_to_enable": "Composer advisory mirroring can be enabled for a repository via its configuration:",
"vulnsource_github_advisories_desc": "GitHub Advisories (GHSA) is a database of CVEs and GitHub-originated security advisories affecting the open source world. Dependency-Track integrates with GHSA by mirroring advisories via GitHub's public GraphQL API. The mirror is refreshed daily, or upon restart of the Dependency-Track instance. A personal access token (PAT) is required in order to authenticate with GitHub, but no scopes need to be assigned to it.",
"vulnsource_github_advisories_enable": "Enable GitHub Advisory mirroring",
"vulnsource_nvd_desc": "The National Vulnerability Database (NVD) is the largest publicly available source of vulnerability intelligence. It is maintained by a group within the National Institute of Standards and Technology (NIST) and builds upon the work of MITRE and others. Vulnerabilities in the NVD are called Common Vulnerabilities and Exposures (CVE). There are over 100,000 CVEs documented in the NVD spanning from the 1990’s to the present.",
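Review bot: `vulnsource_composer_advisories_desc` does not say when the mirror is refreshed or whether repository authentication applies, whereas the GHSA description just below states both ("refreshed daily, or upon restart", PAT required). Since this text is the only in-app documentation for a beta vulnerability source, add the refresh behaviour and any authentication requirement so operators know how stale the mirrored advisories can be.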
10 changes: 10 additions & 0 deletions src/i18n/locales/es.json
Expand Up @@ -52,6 +52,8 @@
"change_password_next_login": "El usuario debe cambiar la contraseña en el próximo inicio de sesión",
"clone_template": "Plantilla de clonación",
"composer": "Compositor",
"composer_advisories": "Aventivos del compositor (beta)",
"composer_repositories": "Repositorios del compositor",
"configuration": "Configuración",
"configuration_saved": "Configuración guardada",
"configuration_test": "Prueba de configuración",
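Review bot: "Aventivos" in `composer_advisories` is not a Spanish word; the later strings in this file use "avisos de seguridad", so this should read "Avisos" as well. The new keys also follow the existing `composer` entry in translating the product name as "compositor"; it is worth deciding in this PR whether the tool name should stay "Composer" in all locales.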
Expand Down Expand Up @@ -79,10 +81,12 @@
"delete_team": "Eliminar equipo",
"delete_template": "Eliminar plantilla",
"delete_user": "Borrar usuario",
"description": "Descripción",
"destination": "Destino",
"disabled": "Desactivado",
"disabled_for_tags": "Deshabilitado para etiquetas",
"distinguished_name": "Nombre distinguido",
"documentation": "Documentación",
"edit_api_key_comment": "edit_api_key_comment",
"email": "Correo electrónico",
"email_address": "Dirección de correo electrónico",
Expand Down Expand Up @@ -208,6 +212,10 @@
"reindex_vulnerable_software": "software vulnerable",
"remove_api_key": "Eliminar Clave API",
"repositories": "Repositorios",
"repository_advisory_alias_sync_enabled": "Habilitar la sincronización de alias de aviso de seguridad",
"repository_advisory_alias_sync_toggle": "Habilitar la sincronización de alias de asesoramiento de seguridad",
"repository_advisory_mirroring_enabled": "Sincronización de asesoramiento",
"repository_advisory_mirroring_toggle": "Habilitar el reflejo de los avisos de seguridad (beta)",
"repository_authentication": "Autenticacion requerida",
"repository_created": "Repositorio creado",
"repository_deleted": "Repositorio eliminado",
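Review bot: `repository_advisory_alias_sync_enabled` and `repository_advisory_alias_sync_toggle` are almost the same sentence here, although en.json uses a short label ("Alias Sync") for the first and a sentence only for the toggle. The four strings also alternate between "aviso(s) de seguridad" and "asesoramiento" for the same term; use "avisos de seguridad" throughout.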
Expand Down Expand Up @@ -269,6 +277,8 @@
"vulndb": "VulnDB",
"vulnsource_alias_sync_enable": "Habilitar la sincronización de alias de vulnerabilidad",
"vulnsource_alias_sync_enable_tooltip": "Los datos de alias pueden ayudar a identificar vulnerabilidades idénticas en múltiples bases de datos. Si la fuente proporciona estos datos, sincronícelos con la base de datos de Dependency-Track.",
"vulnsource_composer_advisories_desc": "El ecosistema compositor proporciona avisos de seguridad a través de sus repositorios compositor. \nLos ejemplos son https://packagist.org y https://packages.drupal.org/8. \nEl compositor utiliza estos avisos de seguridad para proporcionar el comando de auditoría del compositor.",
"vulnsource_composer_to_enable": "El reflejo de asesoramiento del compositor se puede habilitar para un repositorio a través de su configuración:",
"vulnsource_github_advisories_desc": "GitHub Advisories (GHSA) es una base de datos de CVE y avisos de seguridad originados en GitHub que afectan al mundo del código abierto. Dependency-Track se integra con GHSA reflejando avisos a través de la API pública GraphQL de GitHub. El espejo se actualiza diariamente o al reiniciar la instancia de Dependency-Track. Se requiere un token de acceso personal (PAT) para autenticarse con GitHub, pero no es necesario asignarle ámbitos.",
"vulnsource_github_advisories_enable": "Habilitar la duplicación de asesoramiento de GitHub",
"vulnsource_nvd_desc": "La Base de Datos Nacional de Vulnerabilidad (NVD) es la mayor fuente de inteligencia sobre vulnerabilidades disponible públicamente. Lo mantiene un grupo dentro del Instituto Nacional de Estándares y Tecnología (NIST) y se basa en el trabajo de MITRE y otros. Las vulnerabilidades en NVD se denominan vulnerabilidades y exposiciones comunes (CVE). Hay más de 100.000 CVE documentados en el NVD desde la década de 1990 hasta la actualidad.",
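Review bot: `vulnsource_composer_advisories_desc` translates the literal command `composer audit` as "comando de auditoría del compositor", which a user cannot type; keep the command verbatim. `vulnsource_composer_to_enable` uses "reflejo de asesoramiento" where the rest of the file says "avisos", and the description embeds `\n` line breaks that are absent from the en.json source.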
10 changes: 10 additions & 0 deletions src/i18n/locales/fr.json
Expand Up @@ -52,6 +52,8 @@
"change_password_next_login": "L'utilisateur doit changer son mot de passe lors de sa prochaine connexion",
"clone_template": "Cloner le modèle",
"composer": "Composer",
"composer_advisories": "Conseils des compositeurs (bêta)",
"composer_repositories": "Référentiels des compositeurs",
"configuration": "Configuration",
"configuration_saved": "Configuration enregistrée",
"configuration_test": "Test de configuration",
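Review bot: `composer_advisories` and `composer_repositories` translate the product name as "compositeurs", while the existing `composer` key directly above keeps "Composer". "Référentiels" also differs from the existing `repositories` string in this file ("Dépôts"), and "Conseils" is not the term used for advisories elsewhere ("avis de sécurité").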
Expand Down Expand Up @@ -79,10 +81,12 @@
"delete_team": "Supprimer l'équipe",
"delete_template": "Supprimer le modèle",
"delete_user": "Supprimer l'utilisateur",
"description": "Description",
"destination": "Destination",
"disabled": "Désactivé",
"disabled_for_tags": "Désactivé pour les balises",
"distinguished_name": "Nom distinctif (DN)",
"documentation": "Documentation",
"edit_api_key_comment": "Éditer le commentaire de clé d'API",
"email": "Courriel",
"email_address": "Adresse de courriel",
Expand Down Expand Up @@ -208,6 +212,10 @@
"reindex_vulnerable_software": "Logiciels vulnérables",
"remove_api_key": "Retirer la clé d'API",
"repositories": "Dépôts",
"repository_advisory_alias_sync_enabled": "Activer la synchronisation des alias des avis de sécurité",
"repository_advisory_alias_sync_toggle": "Activer la synchronisation des alias consultatifs de la sécurité",
"repository_advisory_mirroring_enabled": "Synchronisation consultative",
"repository_advisory_mirroring_toggle": "Activer le reflétement des avis de sécurité (bêta)",
"repository_authentication": "Authentification requise",
"repository_created": "Dépôt créé",
"repository_deleted": "Dépôt supprimé",
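Review bot: "reflétement" in `repository_advisory_mirroring_toggle` is not standard French; the existing `vulnsource_github_advisories_enable` string uses "réplication" for mirroring. "Synchronisation consultative" and "alias consultatifs" mistranslate "advisory" as an adjective; use "avis de sécurité" as the `_alias_sync_enabled` string already does, and shorten `_alias_sync_enabled` to a label to match en.json ("Alias Sync").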
Expand Down Expand Up @@ -269,6 +277,8 @@
"vulndb": "VulnDB",
"vulnsource_alias_sync_enable": "Activer la synchronisation des alias de vulnérabilité",
"vulnsource_alias_sync_enable_tooltip": "Les données d'alias peuvent aider à identifier des vulnérabilités identiques dans plusieurs bases de données. Si la source fournit ces données, synchronisez-les avec la base de données de Dependency-Track.",
"vulnsource_composer_advisories_desc": "L'écosystème du compositeur fournit des avis de sécurité via ses référentiels de compositeurs. \nLes exemples sont https://packagist.org et https://packages.drupal.org/8. \nCes avis de sécurité sont utilisés par le compositeur pour fournir la commande d'audit compositeur.",
"vulnsource_composer_to_enable": "La mise en miroir consultative des compositeurs peut être activée pour un référentiel via sa configuration:",
"vulnsource_github_advisories_desc": "GitHub Advisories (GHSA) est une base de données de CVE et d'avis de sécurité provenant de GitHub affectant le monde open source. Dependency-Track s'intègre à GHSA en reflétant les avis via l'API publique GraphQL de GitHub. Le miroir est actualisé quotidiennement ou au redémarrage de l'instance Dependency-Track. Un jeton d'accès personnel (PAT) est requis pour s'authentifier auprès de GitHub, mais aucun périmètre ne doit lui être attribuée.",
"vulnsource_github_advisories_enable": "Activer la réplication des GitHub Advisories",
"vulnsource_nvd_desc": "La National Vulnerability Database (NVD) est la plus grande source publique de renseignements sur les vulnérabilités. Il est géré par un groupe au sein du National Institute of Standards and Technology (NIST) et s'appuie sur les travaux de MITRE et d'autres. Les vulnérabilités du NVD sont appelées Common Vulnerabilities and Exposures (CVE). Il existe plus de 100 000 CVE documentés dans le NVD depuis les années 1990 jusqu’à nos jours.",
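Review bot: `vulnsource_composer_advisories_desc` turns the literal command `composer audit` into "commande d'audit compositeur" and the product name into "compositeur"; keep both verbatim. `vulnsource_composer_to_enable` uses "mise en miroir consultative" where the file otherwise says "réplication" and "avis de sécurité", and the description embeds `\n` line breaks that the en.json source does not have.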