Skip to content

Link existing Issues to a Vulnerability

Problem

There's currently a way to create a new issue from a vulnerability in the dashboard, but the problem is there's no way (that I could find) to link an existing issue with a vulnerability.

Proposed solution

Provide an option to link an existing issue to the vuln.

Experience:

old mocks
No related issues Adding an issue Has related issues
no-linked-issues linking-issues multiple-issues-linked

Changes

  • Add related issues section to vulnerability page
    • Move create issue button into related issues section header
    • Add Add issue button into related issues section
    • Add issue counter and icon to related issue section
  • Add system notes for issue creation in the vulnerability page
  • Add system notes for issue linked in the vulnerability page

At the moment there is no reference on the issue page itself of the associated vulnerability. This presents a few challenges, the biggest being the exposure of a vulnerability in a public issue or an issue that should not contain this sensitive information. I think we hold off on that until we have more clarity on the workflow.

What success looks like

Can link a security dashboard vulnerability to an existing issue, rather than only creating a new issue from it.

Technical Implementation

  • Create a RelatedIssue component which displays a related issue and all the functionality described in the design frontend
  • Create a RelatedIssues component which fetches the related issues and contains the Create Issue and Add Issue button inside. frontend
  • Write tests for each them
  • Add documentation

/cc @plafoucriere @andyvolpe @bikebilly

Edited by Andy Volpe