Display NVD API Attribution Notice

[sebD]

Current Behavior

This issue is a parent of dependency-track#3294

Since Dependency Track use NVD Rest API (with the APIKEY provided by the deployer) the product Dependency Track should have to respect the Terms of Use of the NVD API and display somewhere the required notice

This product uses the NVD API but is not endorsed or certified by the NVD.

OWASP Dependency Check had the same issue : DependencyCheck#6105

Steps to Reproduce

Browse the available documentation on the website: no notice
google search prompt : site:https://docs.dependencytrack.org/ "This product uses the NVD API but is not"

No notice on the about dialog in v 4.10.0 the NVD appears in the DATASOURCE PROVIDERS but without the notice.

Expected Behavior

The NVD terms of use should be respected.

Dependency-Track Frontend Version

4.7.x

Browser

Google Chrome

Browser Version

No response

Operating System

Windows

Checklist

• I have read and understand the contributing guidelines
• I have checked the existing issues for whether this defect was already reported

[sebD]

Hi,

I opened this issue to discuss the proper way to display the message in the About dialog as suggested by msymons