dependency-track
dependency-track copied to clipboard
DependencyTrack
Issues with componets comments in Projects
Current Behavior:
In "Audit Vulnerabilities" tab of a project, when I set something in Comment textarea of a component, when I click on "Add Comment" the comment is erased (and lost)
There is a similar behavior for "Policy Violations tab", the comment is not erased, but does not seems persisted as textarea becomes empty if I refresh the page
Steps to Reproduce:
Try to set a comment in Audit Vulnerabilities for a component and click "Add Comment"
Try to set a comment in Policy Violations for a component and click "Add Comment", refresh the page
Expected Behavior:
The comment should be saved and displayed, not erased
Environment:
- Dependency-Track Version: 4.5.0
- Distribution: Docker
- BOM Format & Version: CycloneDX 1.4
- Database Server: Azure PostgreSQL
- Browser: Google Chrome Version 101.0.4951.64 (Official Build) (64-bit)
Additional Details:
The Comment textbox is not supposed to hold your comment after submission. Commenting is intended to be "fire and forget". Comments are not lost, as they're recorded in the audit trail.
For vulnerability auditing, there is a Details field that behaves differently. This is where you'd put additional analysis information that may change over time.
