When an issue is found in a dependency, the filename that gets displayed only contains the JAR file name, but it doesn't point to the actual file inside the JAR in which the issue has been found.
How to reproduce
Analyze tackle-test app with the configuration available in the Environment section.
Go to the issues view, Single application and filter by the tackle-testapp application.
Select the Java Mail API issue.
The list of affected files displays /root/.m2/repository/ch/qos/logback/logback-core/1.1.7/logback-core-1.1.7.jar among others.
Click on the file.
Issue is actually found in the LoginAuthenticator class.
Expected result
The filename includes the LoginAuthenticator class name and full path in the package tree.
This is how Windup displays issues within a JAR file, including class name and full path in the package tree:
Actual result
Only the JAR file name is displayed, not providing any coordinates about the class that contains the actual incidents for the given issue:
Environment
Description
When an issue is found in a dependency, the filename that gets displayed only contains the JAR file name, but it doesn't point to the actual file inside the JAR in which the issue has been found.
How to reproduce
/root/.m2/repository/ch/qos/logback/logback-core/1.1.7/logback-core-1.1.7.jar
among others.Expected result
The filename includes the LoginAuthenticator class name and full path in the package tree.
This is how Windup displays issues within a JAR file, including class name and full path in the package tree:
Actual result
Only the JAR file name is displayed, not providing any coordinates about the class that contains the actual incidents for the given issue: