Issues UI - What’s New

We’ve updated our global and project Issues view to improve experience and functionality. This is the central inbox for all issues across all projects or all issues within a specific project.

From the main Issues tab, you can navigate to your Licensing and Security Issues.

14001400

❗️

IMPORTANT

Issues are no longer classified as Resolved. They are now set to Ignored as it is more apt in describing what the action actually accomplishes. Any previously Resolved issues appear as Ignored.

In this article, you learn about filtering and sorting options. As well as, bulk actions you can take to address the identified issues.

🚧

TIP

You can refer to Creating Tickets and Ignoring Issues for more information on completing bulk actions.

Regardless of the type of issue you are reviewing, all issues are automatically filtered into two tabs:

  • Active
  • Ignored
    The Active tab lists all issues that require additional attention. The Ignored tab lists all issues that have been reviewed and set to ignore for various reasons.

Filtering Options

You now have the ability to use filters to refine your search. Refer to the table to review the list of available filters.

Licensing Filters

259259

Security Filters

251251

Filter Groups

Depth

Filter TypeDescription
DirectFilter issues that are direct dependencies.
TransitiveFilter issues that are transitive dependencies.

Ticket

Filter TypeDescription
TicketedFilter issues that already have a ticket associated.
Not TicketedFilter issues that have no associated tickets.

Issue Type

Filter TypeDesscription
DeniedFilter Licensing issues that are denied.
FlaggedFilter Licensing issues that have been flagged.
UnlicensedFilter Licensing issues that have been listed as unlicensed.
AbandonwareFilter Supply Chain Risks that are packages that have not seen any maintainer activity (i.e. publishing) for long period of time, in the case of FOSSA we set this window to 2 years.
Empty PackageFilter Supply Chain Risks that are those that have no executable code.
Native codeFilter Supply Chain Risks that embed compiled executable files.
Outdated versionFilter Quality Issues that are any dependencies that are out of date according to your defined policy.
Denied dependencyFilter Quality Issues that are dependencies denied by your policy.

Severity

Filter TypeDescription
CriticalFilter Security issues that have CVSS score 9-10
HighFilter Security issues that have CVSS score 7-8.9
MediumFilter Security issues that have CVSS score 4-6.9
LowFilter Security issues that have CVSS score 0.1-3.9
UnknownFilter Security issues that do not have a CVSS score

📘

NOTE

You can select Reset all filters to remove existing filters at any time to display all identified issues.

Sorting Options

Depending on the number of issues that are listed in your central inbox, it is helpful to sort issues based on specific criteria to support your remediation process. You can sort Issues based on:

  • When the Issue was found by FOSSA (newest to oldest or oldest to newest)
  • The package name (ascending or descending alphabetical order)
  • The severity of the listed issue (highest to lowest or lowest to highest)
207207

📘

NOTE

Under the Licensing issues tab, the default sorting is set to Package name (A to Z). Under the Security issues tab, the default sorting is set to Severity (Highest to lowest).

Bulk Actions

You can action more than one issue at a time across all your projects by using the select all or checking the boxes of the applicable issues in the global issues view.

❗️

IMPORTANT

This functionality replaces the Resolve in All Projects option when ignoring an issue in a particular project and the issue is found in other projects.

878878

❗️

IMPORTANT

By selecting the bulk action checkbox, it automatically selects all the issues listed on the page. To select all the applicable issues, you must click the Select all link that displays in green.

Issues Page

The UI has changed when accessing the details of a specific issue. To access the issue details, click the issue title.

872872

The Issue page lists all the information to which you are accustomed based on the Issue type. For security this includes Vulnerable Dependency, Vulnerability Details, and Affected Projects.

📘

NOTE

You can now see other affected projects along with their statuses and associated tickets.

11441144