Current Behavior
We're using collection projects to organize different versions of the same project. Collection projects set to aggregate direct children count and display only the sum of vulnerabilities in the child projects without checking for duplicates. So, for example, if you create a parent project and push the same sbom twice (e.g. with different versions) creating two identical child projects, the parent would aggregate both of them and show x2 number of vulnerabilities in the GUI even though all CVEs are duplicated.
Proposed Behavior
It would be great to have an option to adjust collection project behavior and have an option to ignore duplicate CVEs to have clearer overview of the amount of vlns.
Checklist
Current Behavior
We're using collection projects to organize different versions of the same project. Collection projects set to aggregate direct children count and display only the sum of vulnerabilities in the child projects without checking for duplicates. So, for example, if you create a parent project and push the same sbom twice (e.g. with different versions) creating two identical child projects, the parent would aggregate both of them and show x2 number of vulnerabilities in the GUI even though all CVEs are duplicated.
Proposed Behavior
It would be great to have an option to adjust collection project behavior and have an option to ignore duplicate CVEs to have clearer overview of the amount of vlns.
Checklist