docs: add Components page and glossary entry

Adds a new Pro-only Components page under Model Your Assets > Components covering the Component Table, and how to add, update, and remove components. Also adds a Component entry to the glossary.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: Jino-T

docs/content/asset_modelling/components/PRO__components.md

@@ -0,0 +1,40 @@
+---
+title: "Components"
+description: "Tracking third-party libraries and software components in DefectDojo Pro"
+audience: pro
+weight: 1
+---
+
+In DefectDojo, Components represent third-party libraries, software components, and modules that potentially have vulnerabilities.
+
+## The Component Table
+
+DefectDojo Pro includes a dedicated table view for Components. Imported Components remain on the table even if all of their associated Findings are Mitigated. When Findings are imported for a specific Component, the Component Table is updated to accurately reflect the new Finding totals.
+
+The Component Table displays the following columns:
+
+* **Component** — the name of the component, populated from scan data.
+* **Version** — the component version, populated from scan data.
+* **Active Findings** — count of Active Findings associated with the component.
+* **Duplicate Findings** — count of Duplicate Findings associated with the component.
+* **Total Findings** — total count of all Findings associated with the component.
+
+The totals for Active Findings, Duplicate Findings, and Total Findings are calculated from the Findings on the instance.
+
+Clicking on the Component Name or the values for Active Findings, Duplicate Findings, or Total Findings opens a filtered list of Findings for the respective field.
+
+A **None** Component is displayed on the table, which shows all Findings that are not associated with any Component.
+
+## Adding Components
+
+Components can be added from a scan import or by manually editing a Finding. Once a Component Name is associated with a Finding, it is added to the Component Table. If the Component is already associated with other Findings on the instance, the totals for Active Findings, Duplicate Findings, and Total Findings are updated accordingly.
+
+## Updating Components
+
+To update a Component Name or Version, all Findings associated with the Component must have their Component Name or Component Version field updated.
+
+## Removing Components
+
+To remove a Component from the Component Table, all Findings associated with the Component must be updated to remove their Component Name and Component Version fields. Components are also removed if all of their associated Findings are deleted.
+
+If all of a Component's Findings are Mitigated, the Component remains on the table but its Active Findings value is set to 0.

docs/content/asset_modelling/components/_index.md

@@ -0,0 +1,10 @@
+---
+title: "Components"
+date: 2021-02-02T20:46:29+01:00
+draft: false
+type: docs
+weight: 4
+sidebar:
+  collapsed: false
+exclude_search: true
+---

docs/content/help/glossary.md

@@ -19,6 +19,8 @@ A scoped security activity representing a testing window, pipeline, or assessmen
 A single execution of a scanner or manual assessment within an Engagement. Tests store execution metadata and act as the ingestion point for Findings.
 ## Service (Both)
 An optional sub-object used to attribute Findings to a specific component or interface within an Asset. Services are most useful in OS DefectDojo, as their functionality is replicated and enhanced by Asset Hierarchy in the Pro version.
+## Components (Both)
+A third-party library, software module, or external dependency that is tracked in DefectDojo Pro. Imported Components are derived from scan data and associated with Findings. In the Pro UI, the Component Table aggregates Active, Duplicate, and Total Finding counts per Component and remains populated even when all associated Findings are Mitigated.
 ## Finding (Both)
 The most granular vulnerability object in DefectDojo's Product Hierarchy that represents a discrete security issue.
 ### Finding Status (Both)