Skip to main content

Priorities View

The Priorities View is accessible from the Developer dashboard. Click on the View link in the Priorities column on the Developer dashboard, for a specific application.

Priorities_View.png

This page shows components under 2 sections sections:

  • Top Priorities

    Shows 3 top priority components (or less, if < 3) for the selected application, based on the most recent evaluation. The priority is determined by Sonatype proprietary Priority Algorithm.

  • Remaining Priorities

    Shows all the remaining (besides the top 3) components for the selected application, based on the most recent evaluation.

Why is Prioritization Necessary?

The limited availability of resources (developer time) and tight deliverable deadlines, remediating policy violations during the development process may cause scope creep.

To prevent excessive scope creep and impacts to the sprint activities, remediation tasks can be prioritized. This allows lesser deadline disruptions, while maintaining a good security posture.

Prioritizing also helps prevent future or downstream use of the vulnerable components, leading to reduced policy violations.

The Recommendation Column

The Recommendation column shows the options available to remediate the policy violation. The component suggestions are in the following order, as available:

  1. next-no-violation with dependencies

  2. next-no-violation

  3. next-non-failing with dependencies

  4. next-non-failing

Click on a row, to view the component details page.

The Full Report

View_Full_Report.png

Click on the View Full Report button on the bottom of the page for a comprehensive application composition report generated by the IQ Server for the selected application.