fix: Update dependency list popover copy

Duo Developerrequested to merge
duo/bugfix/583659-update-dependency-list-popover-copy into master

Relates to issue #583659 (closed)

Changes

Updated the copy in the Dependency List popover to improve clarity and accuracy:

  • Updated Vue Component (ee/app/assets/javascripts/dependencies/components/vulnerabilities_popover.vue)

    • Replaced confusing "issues" terminology with "vulnerabilities"
    • Old copy: "The dependency list shows only active, currently detected issues. Vulnerabilities that are no longer detected are filtered out."
    • New copy: "The dependency list excludes vulnerabilities that are no longer detected in the project. Removing these vulnerabilities gives you a more accurate risk assessment of each component."

  • Updated Jest Test (ee/spec/frontend/dependencies/components/vulnerabilities_popover_spec.js)

    • Updated test expectations to match the new copy
    • Ensures tests pass with the updated component text

The popover title "Focused vulnerability reporting" remains unchanged. The new copy provides clearer explanation of why vulnerabilities are filtered, focusing on accurate risk assessment rather than just stating they are filtered out.

Edited by Marcel van Remmerden

Merge request reports