Additional fields under "Component Details" #920

Closed
jackstuard opened this issue Feb 3, 2021 · 7 comments
Labels
enhancement New feature or request p2 Non-critical bugs, and features that help organizations to identify and reduce risk pending release

@jackstuard

Current Behavior:

The current view at "Component Details" doesn't contain important fields that can be extracted from the bom.xml file, like: external references (website, vcs, distribution, issue-tracker), and also publisher information.

Proposed Behavior:

Add additional fields when uploading bom.xml: external references (website, vcs, distribution, issue-tracker), and also publisher information. Author would also be nice to have but will be hard to extract as it isn't contained in the bom.xml file.

@jackstuard jackstuard added the enhancement New feature or request label Feb 3, 2021
@stevespringett stevespringett added this to the 4.3 milestone Feb 3, 2021
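
Added example (not part of the issue thread and not Dependency-Track's own code): Python that reads the publisher and external references named in the request out of a CycloneDX bom.xml. The sample BOM, the `component_details` function and the `LINKABLE_SCHEMES` allowlist are assumptions made for illustration; the allowlist reflects that reference URLs come from an uploaded file and should be checked before being rendered as links.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample BOM in the CycloneDX 1.2 layout; names and URLs are made up.
SAMPLE_BOM = """<bom xmlns="http://cyclonedx.org/schema/bom/1.2" version="1">
  <components>
    <component type="library">
      <publisher>Example Org</publisher>
      <name>example-lib</name>
      <version>1.0.0</version>
      <externalReferences>
        <reference type="website"><url>https://example.org/lib</url></reference>
        <reference type="vcs"><url>git://example.org/lib.git</url></reference>
      </externalReferences>
    </component>
    <component type="library">
      <name>no-refs</name>
      <version>2.0</version>
    </component>
  </components>
</bom>"""

# Assumption: only these schemes are safe for a UI to render as clickable links.
LINKABLE_SCHEMES = {"http", "https"}


def component_details(bom_xml):
    """Return name, publisher and external references for every component."""
    root = ET.fromstring(bom_xml)
    # Reuse the root's namespace so other schema versions parse the same way.
    ns = root.tag[: root.tag.index("}") + 1] if root.tag.startswith("{") else ""
    details = []
    for comp in root.iter(ns + "component"):
        refs = []
        for ref in comp.findall(f"{ns}externalReferences/{ns}reference"):
            url = (ref.findtext(ns + "url") or "").strip()
            refs.append({
                "type": ref.get("type"),  # kept as given; no fixed type list
                "url": url,
                # BOM content is untrusted input: show other schemes as text.
                "linkable": urlsplit(url).scheme.lower() in LINKABLE_SCHEMES,
            })
        details.append({
            "name": comp.findtext(ns + "name"),
            "publisher": comp.findtext(ns + "publisher"),  # None when absent
            "external_references": refs,
        })
    return details
```
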
@msymons
Member

msymons commented Feb 3, 2021

This would be very useful functionality. In fact, I could have sworn that I requested the same a while back but cannot find it!

I would want to ensure that projects themselves in Dependency Track also use such links, but perhaps only in the form "Only use the links from BOM if not manually configured in DT".

Specifically...

  • Links from DT projects to the right URL are important because we have multiple Jenkins Servers. I would use such a link all the time... "project X not updated in DT for a week, let me click link and go and see what happened".
  • Links to issue tracking are useful because, sad to say, sometimes project names in issue tracking do not match how they are known elsewhere (or vice versa). Links to issue tracking could also be extended to provide integration with auditing (raise issues, etc)?
  • Naming issue also crops up in vcs repos!

@stevespringett
Member

The first step is documenting what the external references are. There are about 15 or so different types that are supported by the standard. The UI and underlying database will need to be able to support all types. Once this ticket is implemented, then a future enhancement would be to display these links in various parts of the app depending on what type of external references are available.

@stevespringett stevespringett added the p2 Non-critical bugs, and features that help organizations to identify and reduce risk label Feb 3, 2021
@jackstuard
Author

> The first step is documenting what the external references are. There are about 15 or so different types that are supported by the standard.

Hmm... where do you mean to document it? The spec has something already, no: https://github.com/CycloneDX/specification/blob/92ea506eb52db831f651d6f6be6b9ff014a93340/schema/bom-1.2.xsd#L676

@stevespringett
Member

Apologies for the confusion. Let me rephrase... The first step is to support all external reference types that CycloneDX supports.

@stevespringett stevespringett modified the milestones: 4.3, 4.4 Feb 10, 2021
@stevespringett
Member

External References were introduced in v4.2.0 for services. Todo: support needs to be added for components.

stevespringett added a commit to DependencyTrack/frontend that referenced this issue Sep 21, 2021
@stevespringett
Member

Will be available in 4.4.0


@github-actions
Contributor

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 20, 2022