Conversation
This PR updates the Software Composition Analysis (SCA) documentation to make the product model and UI views easier to understand. Changes: 1. Adds a How it works section that explains Static SCA (repo scans) vs Runtime SCA (APM) and how advisory ingestion impacts results. 2. Reorganizes content into Key capabilities with clearer user workflows (prioritize vulnerabilities, view by repository, PR Gates, library inventory, APM context). 3. Adds Understanding SCA views to explain the difference between Repositories Explorer (commit-scoped snapshot) and Vulnerabilities Explorer (continuously matched), including an example. 4. Documents retroactive advisory matching so customers understand why new CVEs can appear without rerunning scans. 5. Keeps existing setup and language support references and updates “Next steps” accordingly.
Preview links (active after the
|
There was a problem hiding this comment.
Pull request overview
Updates the Software Composition Analysis (SCA) documentation page to better explain SCA’s detection model (static vs runtime), reorganize workflows into clearer “key capabilities”, and clarify how results differ across SCA UI views.
Changes:
- Added a “How it works” section describing Static SCA vs Runtime SCA and advisory ingestion behavior.
- Reorganized the page into “Key capabilities” (vulnerability prioritization, repo views, PR Gates, inventory, APM context).
- Added “Understanding SCA views” explaining Repositories Explorer vs Vulnerabilities Explorer, plus retroactive advisory matching.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
Added DOCS-13624 to track review |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
Applied some minor improvements suggested by Copilot.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Applied Copilot suggestions.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
content/en/security/code_security/software_composition_analysis/setup_static/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Show resolved
Hide resolved
content/en/security/code_security/software_composition_analysis/_index.md
Outdated
Show resolved
Hide resolved
…s/setup_static/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…s/_index.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
This PR updates the Software Composition Analysis (SCA) documentation to make the product model and UI views easier to understand.
Changes:
What does this PR do? What is the motivation?
Merge instructions
Merge readiness:
For Datadog employees:
Your branch name MUST follow the
<name>/<description>convention and include the forward slash (/). Without this format, your pull request will not pass CI, the GitLab pipeline will not run, and you won't get a branch preview. Getting a branch preview makes it easier for us to check any issues with your PR, such as broken links.If your branch doesn't follow this format, rename it or create a new branch and PR.
[6/5/2025] Merge queue has been disabled on the documentation repo. If you have write access to the repo, the PR has been reviewed by a Documentation team member, and all of the required checks have passed, you can use the Squash and Merge button to merge the PR. If you don't have write access, or you need help, reach out in the #documentation channel in Slack.
Additional notes