Reviewing Quality Issues
We’ve updated our global, project, and release group Issues view to improve experience and functionality. This is the central inbox for all issues across all projects or all issues within a specific project.
From the main Issues tab, you can navigate to your Quality Issues.
In this article, you learn about filtering and sorting options. As well as, bulk actions you can take to address the identified issues.
TIP
You can refer to Creating Tickets and Ignoring Issues for more information on completing bulk actions.
Regardless of the type of issue you are reviewing, all issues are automatically filtered into two tabs:
- Active - All issues that require additional attention
- Ignored - Issues that have been reviewed and ignored
Filtering Options
You now have the ability to use filters to refine your search.
Filter Groups
Depth
| Filter Type | Description |
|---|---|
| Direct | Filter issues that are direct dependencies. |
| Transitive | Filter issues that are transitive dependencies. |
Ticket
| Filter Type | Description |
|---|---|
| Ticketed | Filter issues that already have a ticket associated. |
| Not Ticketed | Filter issues that have no associated tickets. |
Issue Type
| Filter Type | Description |
|---|---|
| Outdated Version | Filter Quality issues generated by Stale Package Prevention rules |
| Blocked package | Filter Quality issues generated by Blocked package rules in package management |
| Abandonware | Filter Quality issues generated by Abandonware risk intelligence rules |
| Empty Package | Filter Quality issues generated by Empty Package risk intelligence rules |
| Native Code | Filter Quality issues generated by Native Code risk intelligence rules |
NOTE
Please see Configuring Quality Policies for detailed breakdown of all quality issue types
First Found
| Filter type | Description |
|---|---|
| Anytime | Filter Quality issues that have been detected during any time frame. |
| Last 7 days | Filter Quality issues that have been detected within the last 7 days |
| Last 14 days | Filter Quality issues that that have been detected within the last 14 days |
| Last 30 Days | Filter Quality issues that have been detected within the last 30 days |
Package manager
The package manager filter enables a user to filter issues to only issues created by a particular ecosystem or package manager.
NOTE
The package manager filter will only display options from available ecosystems in the given issue scope (Global, project, release group)
Project Label
| Filter type | Description |
|---|---|
| Project Label | Filter to quality issues detected in project(s) that use a FOSSA provided or user defined project label for additional business context. Multiple labels may be selected using OR based logic. |
Team
The top-level team filters enables a user to filter to only issues detected by projects within the selected team(s). This filter displays issues for all teams by default
| Filter type | Description |
|---|---|
| Team(s) | Filter to quality issues detected in project(s) within a specific team. Multiple team(s) may be selected using OR based logic. |
Sorting Options
Depending on the number of issues that are listed in your central inbox, it is helpful to sort issues based on specific criteria to support your remediation process. You can sort Issues based on:
- When the Issue was found by FOSSA (newest to oldest or oldest to newest)
- The package name (ascending or descending alphabetical order)
- Issue count per semantic version (Most issues or least issues)
NOTE
The default sorting is set to Issue count when grouped by version and Newest (newest to oldest) when ungrouped.
Issue Actions
You can initiate actions by selecting the checkbox next to any issue, giving you access to the action menu.
Important
Available actions will depend on product type (licensing, security, quality), issue status (active, ignored), issue scope (global, release group, project), and action type (individual, bulk). Please see the table below for a detailed breakdown.
| Action | Description | Action type(s) | Product type(s) | Issue status | Issue scope(s) |
|---|---|---|---|---|---|
| Ignore (in current versions only) | Ignore the selected issue(s) for the current semantic version of the affected package. Doing so will ignore in only the selected, affected project(s). A new project revision containing any other semantic version of the package will generate a new active issue. | individual, bulk | licensing, security, quality | active | global, release group, project |
| Create ticket | Create a ticket (JIRA) containing all selected issues. Please see Creating a Jira Ticket for full usage and configuration details. Doing so with a previously ticketed issue(s) selected will link to the new ticket only. | individual, bulk | licensing, security, quality | active, ignored | global, release group, project |
| Unlink ticket | Remove the association between the selected issue(s) and any linked tickets. | individual, bulk | licensing, security, quality | active, ignored | global, release group, project |
| Download CSV | Download a CSV containing all selected issues scoped by issue status(active or ignored) | individual, bulk | licensing, security, quality | active, ignored | global, release group, project |
| Unignore | Change selected issue(s) status from ignored to active. Note doing so will not end any existing auto-ignore rules. Please see the auto-ignore section for more details on stopping auto-ignore rules. | individual, bulk | licensing, security, quality | ignored | global, release group, project |
Bulk Actions
You can action more than one issue at a time across all affected projects by using the select all or checking the boxes of the applicable issues in the global issues view.
IMPORTANT
By selecting the bulk action checkbox, it automatically selects all the issues listed on the page. To select all the applicable issues, you must click the Select all link that displays in green.
Issue Grouping
By default FOSSA issues will be grouped by semantic version. A user may change to the ungrouped view by selecting Version in the issue inbox header and changing to Ungrouped
Issue Drawer
The FOSSA issue detail UI has been updated with an easy to use issue drawer to quickly review and triage issues. A user can open the issue drawer by selecting anywhere within the desired issue's row.
Issue Drawer Controls
At the top right corner of an issue drawer a user can Expand , Share , or Close the issue drawer.
| Issue Drawer Control | Description |
|---|---|
| Expand | Opens a full screen view of the selected issues in a separate tab |
| Share | Allows a user to copy a link to the expanded view of the selected issue |
| Close | Closes the selected issue drawer |
Issue Drawer Issue Sub Navigation
The issue sub nav for a Quality issue is composed of the following sections:
| Subnavigation Name | Description |
|---|---|
| Issue Details | Detailed explanation of why the issue has been flagged and how many packages or projects are impacted |
| Dependency | Relevant information regarding the package itself, such as name, version, depth, and package manager/ecosystem |
Issue Drawer Projects Sub Navigation
The project sub nav for a security issue contains the following metadata:
| Metadata | Description |
|---|---|
| Project Name | Title of the project in FOSSA |
| Issue Status | Whether the issue is active or ignored in that project |
| View Path | The origin and dependency path to determine where the package was detected within the project |
Comments
Time and user stamped comments to track issue triage conversations.
Updated 5 months ago