DependencyTrack · setchy · Jun 18, 2025 · Jun 18, 2025
diff --git a/src/i18n/locales/de.json b/src/i18n/locales/de.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Dienstschwachstellen",
     "services": "Services",
     "severity": "Schweregrad",
+    "show_aliased_findings": "Aliased Erkenntnisse zeigen",
     "show_complete_graph": "Vollständige Grafik anzeigen",
     "show_flat_view": "Flache Projektansicht anzeigen",
     "show_in_dependency_graph": "Im Abhängigkeitsdiagramm anzeigen",

diff --git a/src/i18n/locales/en.json b/src/i18n/locales/en.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Service Vulnerabilities",
     "services": "Services",
     "severity": "Severity",
+    "show_aliased_findings": "Show aliased findings",
     "show_complete_graph": "Show complete graph",
     "show_flat_view": "Show flat project view",
     "show_in_dependency_graph": "Show in dependency graph",

diff --git a/src/i18n/locales/es.json b/src/i18n/locales/es.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Vulnerabilidades del servicio",
     "services": "Servicios",
     "severity": "Gravedad",
+    "show_aliased_findings": "Mostrar hallazgos alias",
     "show_complete_graph": "Mostrar gráfico completo",
     "show_flat_view": "Mostrar vista plana del proyecto",
     "show_in_dependency_graph": "Mostrar en gráfico de dependencia",

diff --git a/src/i18n/locales/fr.json b/src/i18n/locales/fr.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Vulnérabilités des services",
     "services": "Services",
     "severity": "Criticité",
+    "show_aliased_findings": "Montrer des résultats aliasés",
     "show_complete_graph": "Afficher le graph complet",
     "show_flat_view": "Afficher les projets à plat",
     "show_in_dependency_graph": "Afficher dans le graph de dépendance",

diff --git a/src/i18n/locales/hi.json b/src/i18n/locales/hi.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "सेवा की कमज़ोरियाँ",
     "services": "सेवाएं",
     "severity": "तीव्रता",
+    "show_aliased_findings": "अलियास्ड निष्कर्ष दिखाएं",
     "show_complete_graph": "पूरा ग्राफ़ दिखाएं",
     "show_flat_view": "फ्लैट प्रोजेक्ट दृश्य दिखाएं",
     "show_in_dependency_graph": "निर्भरता ग्राफ में दिखाएं",

diff --git a/src/i18n/locales/it.json b/src/i18n/locales/it.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Vulnerabilità del servizio",
     "services": "Servizi",
     "severity": "Gravità",
+    "show_aliased_findings": "Mostra risultati alias",
     "show_complete_graph": "Mostra il grafico completo",
     "show_flat_view": "Mostra la vista piatta del progetto",
     "show_in_dependency_graph": "Mostra nel grafico delle dipendenze",

diff --git a/src/i18n/locales/ja.json b/src/i18n/locales/ja.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "サービスの脆弱性",
     "services": "サービス",
     "severity": "重大度",
+    "show_aliased_findings": "エイリアスの調査結果を表示します",
     "show_complete_graph": "完全なグラフを表示",
     "show_flat_view": "フラットプロジェクトビューを表示",
     "show_in_dependency_graph": "依存関係グラフに表示",

diff --git a/src/i18n/locales/pl.json b/src/i18n/locales/pl.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Luki w zabezpieczeniach usług",
     "services": "Usługi",
     "severity": "Powaga",
+    "show_aliased_findings": "Pokaż aliasowe ustalenia",
     "show_complete_graph": "Pokaż cały wykres",
     "show_flat_view": "Pokaż płaski widok projektu",
     "show_in_dependency_graph": "Pokaż na wykresie zależności",

diff --git a/src/i18n/locales/pt-BR.json b/src/i18n/locales/pt-BR.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Vulnerabilidades de serviço",
     "services": "Serviços",
     "severity": "Gravidade",
+    "show_aliased_findings": "Mostrar descobertas alias",
     "show_complete_graph": "Mostrar gráfico completo",
     "show_flat_view": "Mostrar visualização plana do projeto",
     "show_in_dependency_graph": "Mostrar no gráfico de dependência",

diff --git a/src/i18n/locales/pt.json b/src/i18n/locales/pt.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Vulnerabilidades de serviço",
     "services": "Serviços",
     "severity": "Gravidade",
+    "show_aliased_findings": "Mostrar descobertas alias",
     "show_complete_graph": "Mostrar gráfico completo",
     "show_flat_view": "Mostrar visualização plana do projeto",
     "show_in_dependency_graph": "Mostrar no gráfico de dependência",

diff --git a/src/i18n/locales/ru.json b/src/i18n/locales/ru.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Уязвимости сервиса",
     "services": "Сервисы",
     "severity": "Степень серьёзности",
+    "show_aliased_findings": "Показывать псевдонированные выводы",
     "show_complete_graph": "Показать полный график",
     "show_flat_view": "Показать плоский вид проекта",
     "show_in_dependency_graph": "Показать в графе зависимостей",

diff --git a/src/i18n/locales/uk-UA.json b/src/i18n/locales/uk-UA.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "Уразливості служби",
     "services": "Послуги",
     "severity": "Суворість",
+    "show_aliased_findings": "Показати псевдонім висновків",
     "show_complete_graph": "Показати повний графік",
     "show_flat_view": "Показати плоский вигляд проекту",
     "show_in_dependency_graph": "Показати в графі залежностей",

diff --git a/src/i18n/locales/zh.json b/src/i18n/locales/zh.json
@@ -834,6 +834,7 @@
     "service_vulnerabilities": "服务漏洞",
     "services": "服务",
     "severity": "严重程度",
+    "show_aliased_findings": "显示混叠的发现",
     "show_complete_graph": "显示完整图表",
     "show_flat_view": "展示单位项目视图",
     "show_in_dependency_graph": "在依赖图中显示",

diff --git a/src/views/portfolio/projects/ProjectFindings.vue b/src/views/portfolio/projects/ProjectFindings.vue
@@ -86,6 +86,17 @@
       /><span class="text-muted">{{
         $t('message.show_suppressed_findings')
       }}</span>
+
+      <c-switch
+        style="margin-left: 1rem; margin-right: 0.5rem"
+        id="showAliasedFindings"
+        color="primary"
+        v-model="showAliasedFindings"
+        label
+        v-bind="labelIcon"
+      /><span class="text-muted">{{
+        $t('message.show_aliased_findings')
+      }}</span>
     </div>
 
     <bootstrap-table
@@ -134,6 +145,12 @@ export default {
           'true'
         : false;
 
+    this.showAliasedFindings =
+      localStorage &&
+      localStorage.getItem('ProjectFindingsShowAliasedFindings') !== null
+        ? localStorage.getItem('ProjectFindingsShowAliasedFindings') === 'true'
+        : true;
+
     if (this.$route.params.vulnerability) {
       if (this.$route.params.affectedComponent) {
         // search for the last portion of the finding's matrix ID
@@ -149,6 +166,7 @@ export default {
   data() {
     return {
       showSuppressedFindings: this.showSuppressedFindings,
+      showAliasedFindings: this.showAliasedFindings,
       labelIcon: {
         dataOn: '\u2713',
         dataOff: '\u2715',
@@ -400,8 +418,14 @@ export default {
           );
         },
         onExpandRow: this.vueFormatterInit,
-        responseHandler: function (res, xhr) {
+        responseHandler: (res, xhr) => {
+          // Apply alias filtering if showAliasedFindings is false
+          if (!this.showAliasedFindings) {
+            res = this.filterAliasedFindings(res);
+          }
+
           res.total = xhr.getResponseHeader('X-Total-Count');
+
           return res;
         },
         url: this.apiUrl(),
@@ -505,6 +529,56 @@ export default {
         this.refreshTable();
       });
     },
+    filterAliasedFindings: function (findings) {
+      if (!Array.isArray(findings) || findings.length === 0) {
+        return findings;
+      }
+
+      const seen = new Set();
+      const filtered = [];
+
+      for (const finding of findings) {
+        const component = finding.component;
+        const vulnId = finding.vulnerability.vulnId;
+        const primaryFindingKey = this.componentVulnCompoundKey(
+          component,
+          vulnId,
+        );
+
+        // Check if the primary finding has already been seen
+        if (seen.has(primaryFindingKey)) {
+          continue;
+        }
+
+        const aliases = common.resolveVulnAliases(
+          finding.vulnerability.source,
+          finding.vulnerability.aliases,
+        );
+
+        // Check if any of the aliased findings have been seen
+        const aliasedFindingKeys = aliases.map((alias) =>
+          this.componentVulnCompoundKey(component, alias.vulnId),
+        );
+        const hasSeenAlias = aliasedFindingKeys.some((aliasKey) =>
+          seen.has(aliasKey),
+        );
+
+        if (hasSeenAlias) {
+          continue;
+        }
+
+        // Add the primary finding and its aliases to the seen set
+        seen.add(primaryFindingKey);
+        aliasedFindingKeys.forEach((aliasKey) => seen.add(aliasKey));
+
+        filtered.push(finding);
+      }
+
+      return filtered;
+    },
+    componentVulnCompoundKey: function (component, vulnId) {
+      return `${component.name}:${component.version}:${vulnId}`;
+    },
     refreshTable: function () {
       this.$refs.table.refresh({
         url: this.apiUrl(),
@@ -544,6 +618,15 @@ export default {
       }
       this.refreshTable();
     },
+    showAliasedFindings() {
+      if (localStorage) {
+        localStorage.setItem(
+          'ProjectFindingsShowAliasedFindings',
+          this.showAliasedFindings.toString(),
+        );
+      }
+      this.refreshTable();
+    },
   },
 };
 </script>