Display Consolidated Component Occurrences

[saquibsaifee]

Current Behavior

Background

In our product-level SBOMs, we often encounter the same component (e.g., [email protected]) appearing in multiple container images. To reduce duplication, we are planning to use the evidence.occurrences.location field to consolidate these findings into a single component entry, even if the component appears in multiple images or multiple times within the same image.

Supporting Files

• duplicated.json: Current approach with 5 separate log4j components.
• deduped.json: Proposed approach with 1 log4j component and 5 occurrences.

Proposed Behavior

We’d like DT to:

• Showcase this consolidated representation clearly in the UI.
• Indicate that the component is found in multiple images or locations, even though it appears only once in the SBOM.
• Optionally, provide a way to view the specific image paths listed under evidence.occurrences.location.

Checklist

• [x] I have read and understand the contributing guidelines
• [x] I have checked the existing issues for whether this enhancement was already requested