feat: new toggle to hide/show aliased project vulnerability findings #1280
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Adam Setch <[email protected]>
🎉 Snyk checks have passed. No issues have been found so far.✅ security/snyk check is complete. No issues have been found. (View Details) |
There was a problem hiding this comment.
Pull Request Overview
This PR introduces a UI toggle for audit vulnerabilities that allows users to show or hide aliased component findings, helping to clarify vulnerability metrics.
- Adds a new c-switch toggle in the Project Findings view.
- Implements client-side filtering of findings using a new filtering algorithm.
- Updates localized messages across several language files to support the new toggle.
Reviewed Changes
Copilot reviewed 14 out of 14 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/views/portfolio/projects/ProjectFindings.vue | Introduces a new toggle (c-switch) for aliased findings, implements filtering logic, and persists user preference in localStorage. |
| src/i18n/locales/* | Adds translations for the new toggle label in multiple languages. |
Comments suppressed due to low confidence (1)
src/views/portfolio/projects/ProjectFindings.vue:621
- The method name 'showAliasedFindings' conflicts with the data property of the same name. Consider renaming the method (for example, 'toggleShowAliasedFindings') to avoid ambiguity.
showAliasedFindings() {
Signed-off-by: Adam Setch <[email protected]>
setchy
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Add a new toggle to the Project Audit Vulnerabilities tab which will show/hide aliased component vulnerabilities within the list.
By default the behavior will remain the same, but the end-user has the option to toggle off the aliased results and see a non-repeating list of component vulns
Addressed Issue
This enhancement aims to avoid end-user confusion around the list of audit vulnerabilities + severities not matching the project vulnerability summary metrics which can occur when mirroring multiple vulnerability sources such as NVD and GHSA.
Additional Details
To avoid any backend API changes, the filtering is performed client-side
Checklist