Make evidence field a first class database field

Problem to solve

Users want to see what vulnerabilities are tied to a specific component on the dependency list and triage them appropriately.

Today (December 2023), on the project Dependency List users can see what vulnerabilities there are for a given component, but they need to click each vulnerability individually. This limits triaging these vulnerabilities as a group of vulnerabilities.

Proposal

On the dependency list, users can click on vulnerabilities for a specific component. This opens the project vulnerability report with an automatic component filter applied.

Intended users

• Amy (Application Security Engineer)
• Sasha (Software Developer)

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.