dependency-track: init at 4.11.6 (#328669)

- [ToDesk](https://www.todesk.com/linux.html), a remote desktop applicaton. Available as [services.todesk.enable](#opt-services.todesk.enable).

- [Dependency Track](https://dependencytrack.org/), an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Available as [services.dependency-track](option.html#opt-services.dependency-track).

## Backward Incompatibilities {#sec-release-24.11-incompatibilities}

- `transmission` package has been aliased with a `trace` warning to `transmission_3`. Since [Transmission 4 has been released last year](https://github.com/transmission/transmission/releases/tag/4.0.0), and Transmission 3 will eventually go away, it was decided perform this warning alias to make people aware of the new version. The `services.transmission.package` defaults to `transmission_3` as well because the upgrade can cause data loss in certain specific usage patterns (examples: [#5153](https://github.com/transmission/transmission/issues/5153), [#6796](https://github.com/transmission/transmission/issues/6796)). Please make sure to back up to your data directory per your usage:

  ./services/web-apps/crabfit.nix

  ./services/web-apps/davis.nix

  ./services/web-apps/cryptpad.nix

  ./services/web-apps/dependency-track.nix

  ./services/web-apps/dex.nix

  ./services/web-apps/discourse.nix

  ./services/web-apps/documize.nix

  deepin = handleTest ./deepin.nix {};

  deluge = handleTest ./deluge.nix {};

  dendrite = handleTest ./matrix/dendrite.nix {};

  dependency-track = handleTest ./dependency-track.nix {};

  devpi-server = handleTest ./devpi-server.nix {};

  dex-oidc = handleTest ./dex-oidc.nix {};

  dhparams = handleTest ./dhparams.nix {};

import ./make-test-python.nix (

  { pkgs, ... }:

  let

    dependencyTrackPort = 8081;

  in

  {

    name = "dependency-track";

    meta = {

      maintainers = pkgs.lib.teams.cyberus.members;

    };

    nodes = {

      server =

        { pkgs, ... }:

        {

          virtualisation = {

            cores = 2;

            diskSize = 4096;

          };

          environment.systemPackages = with pkgs; [ curl ];

          systemd.services.dependency-track = {

            # source: https://github.com/DependencyTrack/dependency-track/blob/37e0ba59e8057c18a87a7a76e247a8f75677a56c/dev/scripts/data-nist-generate-dummy.sh

            preStart = ''

              set -euo pipefail

              NIST_DIR="$HOME/.dependency-track/nist"

              rm -rf "$NIST_DIR"

              mkdir -p "$NIST_DIR"

              for feed in $(seq "2024" "2002"); do

                touch "$NIST_DIR/nvdcve-1.1-$feed.json.gz"

                echo "9999999999999" > "$NIST_DIR/nvdcve-1.1-$feed.json.gz.ts"

              done

            '';

          };

          services.dependency-track = {

            enable = true;

            port = dependencyTrackPort;

            nginx.domain = "localhost";

            database.passwordFile = "${pkgs.writeText "dbPassword" ''hunter2'THE'''H''''E''}";

          };

        };

    };

    testScript = ''

      import json

      start_all()

      server.wait_for_unit("dependency-track.service")

      server.wait_until_succeeds(

        "journalctl -o cat -u dependency-track.service | grep 'Dependency-Track is ready'"

      )

      server.wait_for_open_port(${toString dependencyTrackPort})

      with subtest("version api returns correct version"):

        version = json.loads(

          server.succeed("curl http://localhost/api/version")

        )

        assert version["version"] == "${pkgs.dependency-track.version}"

    '';

  }

)