18.7 Planning - Composition Analysis

Useful Links

➡️ CA - Interlock board

➡️ Kanban board with all features, bugs, and maintenance items picked up to work in this milestone.

⬅️ 18.6 Planning Issue

⬅️ Reaction Rotation Schedule

Useful Links
General info

General info

Theme

We need to focus on roadmap deliverables.

Period: 17/Nov/2025 - 12/Dec/2025
Reaction rotation: @zmartins @nilieskou (TBD)

Feature

Active Development

Description	DRI	Due	Notes
Maturing Static Reachability - Post GA	@onaaman	18.8	We will do low hanging fruit improvements for Java and then focus on frontend frameworks for JS/TS
Enabling Metrics for the DS analyzer	@nilieskou		@nilieskou will continue working on this providing what we need for DS GA.
Dependency Scanning GA	@gonzoyumo	??	@ifrenkel is supporting Olivier for this deliverable
Better support scanning of multiple container images	@zmartins	18.7
Auto-Remediation with automatic bumping of depe... (&17403)	@hacks4oats	18.8	@albi.yusupova Will work with Oscar on this.
SPDX license expressions ingestion in PMDB	@ifrenkel	18.8	This deliverable is currently de-prioritised due to DS GA.

Maintenance and bugs

Standalone issues

Bugs

---
display: table
fields: title, labels("priority*"), labels("severity*"), labels("Deliverable"),  labels("Stretch"), healthStatus, assignees, state
---
label = "group::composition analysis" AND label = "type::bug" AND label != "vulnmapper" AND milestone = "18.7"

Other

Feature

---
display: table
fields: title, labels("Deliverable"), labels("Stretch"), labels("workflow::*"), healthStatus, assignees, state
---
label = "type::feature" AND label = "group::composition analysis" AND milestone = "18.7"

Maintenance

---
display: table
fields: title, labels("Deliverable"),  labels("Stretch") ,labels("workflow::*"), healthStatus, assignees, state
---
label = "type::maintenance" AND label = "group::composition analysis" AND milestone = "18.7" AND label != "docs-only" AND state = opened

Edited Dec 15, 2025 by 🤖 GitLab Bot 🤖