@colinfyfe (Contributor) commented Aug 26, 2025

Description

Adds the ability to exclude suppressed findings from the Vulnerability Audit "Grouped Vulnerabilities" tab, mirroring the functionality in the "Vulnerabilities By Occurrence" tab. Defaults to hiding suppressed findings.

Existing behaviour with suppressed findings visible:

[Screenshot: issue-4507-show-suppressed-on]

New behaviour with suppressed findings hidden:

[Screenshot: issue-4507-show-suppressed-off]

Addressed Issue

Resolves #4507

Additional Details

Added showSuppressed filtering based on getAllFindings(). Differs from that method, though, in that pagination is handled via SQL instead of retrieving all records then sublisting results, which should be more performant on large result sets.

This PR covers the API changes - the Frontend changes are covered in DependencyTrack/frontend#1320

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • [ ] This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

owasp-dt-bot commented Aug 26, 2025

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)

* Addresses issue 4507
* Added showSuppressed filtering mirroring getAllFindings()
* Differs from getAllFindings in that pagination is handled via SQL
  instead of retrieving all records then sublisting results
* Added getAllFindingsGroupedByVulnerabilityCount method to support
  the above pagination behaviour
* Added second ordering clause by vulnID such that results maintain
  consistent ordering beyond the primary user-selected sort column
* Removed unused processAggregatedDateRangeFilter method
* Added tests covering the above

Signed-off-by: colinfyfe <[email protected]>
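
Added example, not part of this PR or of Dependency-Track's code: a sketch of the approach the description and commit message outline (filter suppressed findings before grouping, page in SQL, break sort ties on the vulnerability ID), using Python's sqlite3. The table, column names and sample rows are constructed for illustration and are not the project's schema.

```python
import sqlite3

# Constructed sample data; table and column names are hypothetical,
# not Dependency-Track's real schema.
ROWS = [  # (vuln_id, project, severity_rank, suppressed)
    ("CVE-A", "p1", 3, 0), ("CVE-A", "p2", 3, 1),
    ("CVE-B", "p1", 3, 0), ("CVE-B", "p3", 3, 0),
    ("CVE-C", "p2", 3, 1),  # only suppressed occurrences
    ("CVE-D", "p1", 2, 0), ("CVE-E", "p4", 3, 0),
]

def connect():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE finding "
               "(vuln_id TEXT, project TEXT, severity_rank INT, suppressed INT)")
    db.executemany("INSERT INTO finding VALUES (?,?,?,?)", ROWS)
    return db

# Suppressed rows are filtered BEFORE grouping, so both the set of groups
# and each group's affected-project count reflect the filter.
GROUPED = """
  SELECT vuln_id, severity_rank, COUNT(DISTINCT project) AS affected
  FROM finding
  WHERE (:show_suppressed = 1 OR suppressed = 0)
  GROUP BY vuln_id, severity_rank
"""

def grouped_page(db, show_suppressed, limit, offset):
    """One page of grouped findings; the database does the paging."""
    # Many groups share a severity, so vuln_id is the tie-breaker that keeps
    # rows from moving between pages from one request to the next.
    sql = (GROUPED +
           " ORDER BY severity_rank DESC, vuln_id ASC LIMIT :limit OFFSET :offset")
    params = {"show_suppressed": int(show_suppressed),
              "limit": limit, "offset": offset}
    return db.execute(sql, params).fetchall()

def grouped_count(db, show_suppressed):
    """Total number of groups under the same filter, for the pager."""
    sql = f"SELECT COUNT(*) FROM ({GROUPED})"
    return db.execute(sql, {"show_suppressed": int(show_suppressed)}).fetchone()[0]
```

With suppressed findings hidden, CVE-C drops out of the list entirely and CVE-A is counted against one project instead of two; the total used by the pager is computed with the same filter so page counts stay consistent.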

Development

Successfully merging this pull request may close these issues.

Vulnerability Audit Grouped View: Affected Projects count includes surpressed vulnerabilities
