There are several ways you can view the issues SOOS identifies once your projects have finished scanning:

1.  The Recent Issues list is a preview of the issues that have been identified in the most recently scanned project, sorted from the most to the least severe. 

  • You can find the Recent Issues section in the top right corner of the SOOS Developer dashboard.
  • SOOS categorizes issue severity as critical, high, medium, or low. 
  • Clicking on any one of the issues in this list will open the full list of issues identified for that project.
  • Issues shown with the star icon are new vulnerabilities that are being detected for the first time.

2.  Clicking on items shown in the Projects section of the dashboard allows you to view the identified issues for any project of your choice.

  • Use the Search Projects field to locate projects more easily.
  • The Projects list can be sorted alphabetically or in order of most recent-to-least recently scanned, and can be filtered to show projects with a specific issue type, no issues, or no scans.

 

3.  The Recent Scans option in the left navigation menu opens to display a list of the 5 most recent scans, with the most recent on top.

  • Each of these list items link to the corresponding Project Details page, displaying all issues identified in the scan, once the scan has been completed.
  • If more than 5 scans exist in the history, the View All Scans link will display and will navigate to the main Developer Dashboard when clicked. 

4.  Alternatively you can choose to view issues in a specific project branch by selecting Issues from the left navigation menu.

  • Select the desired Project and Branch to view the corresponding issues. 
    • The Branch selection "No Branch" is used by SOOS when no branch information is provided with a scan.

Once on the Project Details page, you are able to filter your issues by Open, Pending, Suppressed, or Resolved status. 

  • You can also filter by issue types, electing to see only those issues classified as Vulnerabilities, Policy Violations, Dependency Typos, Dependency Substitutions, or Web Vulnerabilities (for DAST enabled accounts only).
    Note: Only one issue status and one issue type filter can be applied at a time.  Status and type filters can be applied independent of one another or simultaneously.

Refer to our Researching Your Issues article to learn more about how investigate your project's issues and how to initiate fixes for them.