Database¶
Dependency-Track requires a PostgreSQL, or PostgreSQL-compatible database to operate.
The lowest supported version is 14. Prefer the newest available version.
For guidance on choosing a hosting solution, deploying, and tuning PostgreSQL, see the database configuration guide.
Extensions¶
Dependency-Track requires the following PostgreSQL extensions. When choosing a hosting solution, verify it supports them.
pg_trgm: Support for similarity of text using trigram matching
Note
Dependency-Track executes the necessary CREATE EXTENSION IF NOT EXISTS statements
during schema migration. You do not need to enable extensions manually.
Dependency-Track limits extension usage to those that:
- Ship with PostgreSQL out-of-the-box
- Are trusted by default
Tuning parameters¶
Dependency-Track recommends the following PostgreSQL parameters for production deployments. For context on when and why to apply these, see the advanced tuning guide.
autovacuum_vacuum_scale_factor¶
| Default | 0.2 |
|---|---|
| Recommendation | 0.02 |
| Tables |
|
| References | Documentation |
default_toast_compression¶
| Default | pglz |
|---|---|
| Recommendation | lz4 |
| References |
wal_compression¶
| Default | off |
|---|---|
| Recommendation | lz4 or zstd |
| References |
Schema migrations¶
By default, schema migrations run on startup as an init task, using Flyway. Upgrading from an older Dependency-Track version requires no manual action, unless the upgrade guides explicitly state otherwise.
