Description
Hi,
I would like to congratulate you because this is a great project, but I'm going to describe some "usability problems" that in my view need improvement to make this project even better:
Our environment:
- dependencytrack version: 4.4
- a lot of projects
- use cases:
  - in a CI environment: the CI pipeline will fail if a vulnerability >= high is found
  - to analyze stale projects for new vulnerabilities based on the latest uploaded BOM
Usability problems:
- A new vulnerability affecting almost all projects has been published but not fixed yet (e.g. GHSA-57j2-w4cx-62h2). If a fix on our projects needs to be released, it will be blocked by the CI pipeline check. Right now I must suppress and manage that vulnerability on every project. It would be great if we could also manage vulnerabilities "globally": managing vulnerabilities on every project is not sustainable and leads to errors.
- Right now we can suppress/manage a vulnerability on every project, but there is no view of active suppressions (I need to track it somewhere else, and combined with problem 1 that is a huge management problem). It would be great if there were a recap view with all managed/suppressed vulnerabilities, so we can figure out what is suppressed and needs to be patched when a fix is released.
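Until such a recap view exists, the inventory described in problem 2 can be assembled from the REST API. The script below is an added example, not part of the original issue or of the Dependency-Track project: it walks every project, pulls findings with suppressed ones included, and groups the suppressed entries by vulnerability id so that one published fix can be mapped to every project still carrying a suppression. The endpoint paths, the `X-Api-Key` header, the `pageNumber`/`pageSize` paging parameters and the field names in the finding objects are assumptions drawn from the Dependency-Track v4 API; the sample payload at the bottom is constructed for offline use.

```python
"""Cross-project recap of suppressed findings (added example, not Dependency-Track code)."""
import json
import urllib.request
from typing import Any, Dict, Iterable, List, Tuple

# Assumed Dependency-Track v4 endpoints (not stated in the original issue).
PROJECTS_ENDPOINT = "/api/v1/project?pageNumber={page}&pageSize={size}"
FINDINGS_ENDPOINT = "/api/v1/finding/project/{uuid}?suppressed=true"
PAGE_SIZE = 100


def fetch_json(base_url: str, api_key: str, path: str) -> Any:
    """GET a JSON resource using the API-key header the server expects."""
    req = urllib.request.Request(
        base_url.rstrip("/") + path,
        headers={"X-Api-Key": api_key, "Accept": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def list_projects(base_url: str, api_key: str) -> List[Dict[str, Any]]:
    """Page through the project list until an empty page comes back."""
    projects: List[Dict[str, Any]] = []
    page = 1
    while True:
        batch = fetch_json(base_url, api_key,
                           PROJECTS_ENDPOINT.format(page=page, size=PAGE_SIZE))
        if not batch:
            return projects
        projects.extend(batch)
        page += 1


def suppressed_findings(project: Dict[str, Any],
                        findings: Iterable[Dict[str, Any]]) -> List[Dict[str, Any]]:
    """Keep only findings whose analysis marks them suppressed and flatten them to rows."""
    rows = []
    for finding in findings:
        analysis = finding.get("analysis") or {}
        if not analysis.get("isSuppressed"):
            continue
        vuln = finding["vulnerability"]
        comp = finding["component"]
        rows.append({
            "project": f"{project.get('name')}:{project.get('version')}",
            "vulnId": vuln["vulnId"],
            "severity": vuln.get("severity"),
            "component": f"{comp.get('name')}@{comp.get('version')}",
            "state": analysis.get("state"),
        })
    return rows


def group_by_vulnerability(rows: Iterable[Dict[str, Any]]) -> Dict[str, List[str]]:
    """Map each suppressed vulnerability id to the projects that suppress it."""
    grouped: Dict[str, List[str]] = {}
    for row in rows:
        grouped.setdefault(row["vulnId"], []).append(row["project"])
    return grouped


def recap(projects_with_findings: Iterable[Tuple[Dict[str, Any], List[Dict[str, Any]]]]
          ) -> Dict[str, List[str]]:
    """Build the recap from (project, findings) pairs; usable offline or against a server."""
    rows: List[Dict[str, Any]] = []
    for project, findings in projects_with_findings:
        rows.extend(suppressed_findings(project, findings))
    return group_by_vulnerability(rows)


def recap_from_server(base_url: str, api_key: str) -> Dict[str, List[str]]:
    """Live variant: one findings call per project, suppressed entries included."""
    projects = list_projects(base_url, api_key)
    return recap(
        (p, fetch_json(base_url, api_key, FINDINGS_ENDPOINT.format(uuid=p["uuid"])))
        for p in projects
    )


# Constructed sample in the shape of the API's finding objects (not real server output).
SAMPLE: List[Tuple[Dict[str, Any], List[Dict[str, Any]]]] = [
    ({"name": "app-a", "version": "1.0"}, [
        {"component": {"name": "libfoo", "version": "2.3"},
         "vulnerability": {"vulnId": "GHSA-57j2-w4cx-62h2", "severity": "HIGH"},
         "analysis": {"state": "NOT_AFFECTED", "isSuppressed": True}},
        {"component": {"name": "libbar", "version": "0.9"},
         "vulnerability": {"vulnId": "GHSA-xxxx-placeholder", "severity": "MEDIUM"},
         "analysis": {"state": "NOT_SET", "isSuppressed": False}},
    ]),
    ({"name": "app-b", "version": "2.1"}, [
        {"component": {"name": "libfoo", "version": "2.3"},
         "vulnerability": {"vulnId": "GHSA-57j2-w4cx-62h2", "severity": "HIGH"},
         "analysis": {"state": "IN_TRIAGE", "isSuppressed": True}},
    ]),
]

if __name__ == "__main__":
    for vuln_id, projects in recap(SAMPLE).items():
        print(vuln_id, "suppressed in", ", ".join(projects))
```

When the vulnerability's fix is released, the recap tells you exactly which projects to re-run through the pipeline and un-suppress; running it on a schedule and diffing the output against the previous run also catches suppressions that were added without a tracked reason.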