Existing Component Policy Waivers/Labels and Security Vulnerability Overrides
Existing configurations of:
Reduced Overlapping Matches
Policy Violations, Security Issues, and License Threats
Due to these changes you may observe a different number of Policy Violations, Security Issues, and License Threats for the following reasons:
- Since existing Component-specific Policy Waivers and Security Vulnerability Overrides will need to be reapplied, until this is done it may increase the number of Policy Violations and Security Vulnerabilities.
- Since existing Component Labels will need to be reapplied, which may be tied to specific Policies, this may also alter the number of Policy Violations.
Additionally, if there are differences, then the corresponding Summary statistics will also differ.
One consequence to keep in mind of the potentially different Policy Violations is that you may see an increased number of unsuccessful builds. Due to this you may want to disable the Fail action on Policies for the Build stage until you have reapplied your component Policy Waivers/Labels and Security Vulnerability Overrides. Additionally, you may also want to enable Notifications on your Policies to be able to more easily spot Policy Violations that have appeared due to these changes.
Example Application Report Before and After
After these changes, one row will be able to represent a multitude of these files i.e.
In this example, the number of unique components remains the same, and so the number of rows on the License Analysis tab is unaltered.