# Release-Aware Security Findings

## Module
Web

## Status
IMPLEMENTED

## Description
Security findings list with release context showing which release each finding impacts, with delta indicators showing new/resolved findings between releases.

## Implementation Details
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/findings/`
- **Components**:
  - `ai-chip-row` (`src/Web/StellaOps.Web/src/app/features/findings/ai-chip-row.component.ts`)
  - `bulk-triage-view` (`src/Web/StellaOps.Web/src/app/features/findings/bulk-triage-view.component.ts`)
  - `findings-container` (`src/Web/StellaOps.Web/src/app/features/findings/container/findings-container.component.ts`)
  - `evidence-panel` (`src/Web/StellaOps.Web/src/app/features/findings/detail/evidence-panel.component.ts`)
  - `finding-detail-layout` (`src/Web/StellaOps.Web/src/app/features/findings/detail/finding-detail-layout.component.ts`)
  - `verdict-panel` (`src/Web/StellaOps.Web/src/app/features/findings/detail/verdict-panel.component.ts`)
  - `findings-list` (`src/Web/StellaOps.Web/src/app/features/findings/findings-list.component.ts`)
- **Source**: SPRINT_20260118_007_FE_security_consolidation.md

## E2E Test Plan
- **Setup**:
  - [ ] Log in with a user that has appropriate permissions
  - [ ] Navigate to `/findings`
  - [ ] Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
- **Core verification**:
  - [ ] Verify the component renders correctly with sample data
  - [ ] Verify interactive elements respond to user input
  - [ ] Verify data is fetched and displayed from the correct API endpoints
- **Edge cases**:
  - [ ] Verify graceful handling when backend API is unavailable (error state)
  - [ ] Verify responsive layout at different viewport sizes
  - [ ] Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)