Ways to triage components in Polaris

All components detected in tests or added to projects manually are automatically listed in your software bill of materials (SBOM), and the issues derived from components are included in your issues. Triaging a component allows you to exclude the component from your SBOM and automatically dismiss the component's issues. If needed, you can change an excluded component back to included.

Note the following when triaging components:

• This feature is project specific, meaning that when you triage a component, it will be triaged for the whole project but not for other projects.
• You can triage components captured in a tests, and components that are added manually.
  Note: Components you add manually can be deleted. See Delete a manually added component for more information.
• Once you exclude a component, if it is detected in a later test, it will still appear as excluded.
• If the same component is detected in multiple branches of a project, you only need to triage it once. Triage actions are automatically applied across branches in a project.
• You can view the triage history of an individual component during triage.
  Note: Issue triage (see Ways to triage issues in Polaris) is affected by component triage.

  • When you exclude a component, any non-dismissed issues derived from the component are automatically dismissed.
  • When you include a component, any issues related to the component that has been previously dismissed automatically, are now set to the default state (not triaged).
• Dismissed issues and excluded components (via issue and component triage) are not included in reports and dashboards. It can take up to 60 minutes triage actions to affect reports and dashboards.