Open starfishfive opened 2 months ago
I agree that the search on the Components page is very limited and could use some improvements. But what exact use-case can you currently not perform good enough to comply with CIS Control 6.4? Dependency Track does exactly what is stated in the requirements:
Establish and manage an updated inventory of third-party components used in development, often referred to as a “bill of materials,” as well as components slated for future use. This inventory is to include any risks that each third-party component could pose. Evaluate the list at least monthly to identify any changes or updates to these components, and validate that the component is still supported.
@valentijnscholten I would like the posibility to go trough the complete list, to insure that each component has:
As stated by the CIS assessment specification of safeguard 16.4
Current Behavior
Displays No matching records found
This is a dealbreaker to comply with CIS Control 16.4
Proposed Behavior
Show a list of all components.
Checklist