52 lines
2.8 KiB
Markdown
52 lines
2.8 KiB
Markdown
# Security Overview Dashboard
|
|
|
|
## Module
|
|
Web
|
|
|
|
## Status
|
|
VERIFIED
|
|
|
|
## Description
|
|
Consolidated security overview merging Analyze and Triage sections into a single security hub with release-aware finding counts and risk summaries.
|
|
|
|
## Implementation Details
|
|
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/security/`
|
|
- **Routes**: `security.routes.ts`
|
|
- **Components**:
|
|
- `artifact-detail-page` (`src/Web/StellaOps.Web/src/app/features/security/artifact-detail-page.component.ts`)
|
|
- `artifacts-page` (`src/Web/StellaOps.Web/src/app/features/security/artifacts-page.component.ts`)
|
|
- `exception-detail-page` (`src/Web/StellaOps.Web/src/app/features/security/exception-detail-page.component.ts`)
|
|
- `exceptions-page` (`src/Web/StellaOps.Web/src/app/features/security/exceptions-page.component.ts`)
|
|
- `lineage-page` (`src/Web/StellaOps.Web/src/app/features/security/lineage-page.component.ts`)
|
|
- `patch-map-page` (`src/Web/StellaOps.Web/src/app/features/security/patch-map-page.component.ts`)
|
|
- `reachability-page` (`src/Web/StellaOps.Web/src/app/features/security/reachability-page.component.ts`)
|
|
- `risk-page` (`src/Web/StellaOps.Web/src/app/features/security/risk-page.component.ts`)
|
|
- `sbom-graph-page` (`src/Web/StellaOps.Web/src/app/features/security/sbom-graph-page.component.ts`)
|
|
- `scan-detail-page` (`src/Web/StellaOps.Web/src/app/features/security/scan-detail-page.component.ts`)
|
|
- `security-findings-page` (`src/Web/StellaOps.Web/src/app/features/security/security-findings-page.component.ts`)
|
|
- `security-overview-page` (`src/Web/StellaOps.Web/src/app/features/security/security-overview-page.component.ts`)
|
|
- `unknowns-page` (`src/Web/StellaOps.Web/src/app/features/security/unknowns-page.component.ts`)
|
|
- `vex-hub-page` (`src/Web/StellaOps.Web/src/app/features/security/vex-hub-page.component.ts`)
|
|
- `vulnerabilities-page` (`src/Web/StellaOps.Web/src/app/features/security/vulnerabilities-page.component.ts`)
|
|
- ... and 1 more components
|
|
- **Source**: SPRINT_20260118_007_FE_security_consolidation.md
|
|
|
|
## E2E Test Plan
|
|
- **Setup**:
|
|
- [ ] Log in with a user that has appropriate permissions
|
|
- [ ] Navigate to `/security`
|
|
- [ ] Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
|
|
- **Core verification**:
|
|
- [ ] Verify the dashboard loads without errors and displays summary cards/metrics
|
|
- [ ] Verify data refreshes correctly and loading states are shown
|
|
- [ ] Verify empty state is displayed when no data is available
|
|
- **Edge cases**:
|
|
- [ ] Verify graceful handling when backend API is unavailable (error state)
|
|
- [ ] Verify responsive layout at different viewport sizes
|
|
- [ ] Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)
|
|
|
|
## Verification
|
|
- Run: `docs/qa/feature-checks/runs/web/security-overview-dashboard/run-001/`
|
|
- Date (UTC): 2026-02-11
|
|
|