Configuration Hierarchy RISKSHEET applies settings in the following order (later values override earlier ones):
See Configuration Hierarchy for details on template inheritance and override behavior.
Global Configuration Properties These properties are configured in Project Administration > Configuration Properties and apply globally to all RISKSHEET documents in the project.
Property Type Default Description nextedy.risksheet.riskDocumentTypestring riskSpecificationPolarion document type(s) representing risk analyses. Only documents of these types appear on the RISKSHEET tool page. nextedy.risksheet.risksheetTemplatePathstring Risks/Risk SpecificationPath to the document template used when creating new risk analyses. Used by the “Create New” wizard. nextedy.risksheet.upstreamSubColumnsReadonlyboolean trueControls whether upstream sub-columns (showing linked item properties) are read-only. Set to false to allow editing of upstream columns. nextedy.risksheet.checkPrototypePermissionsboolean trueEnables work item permission checking. Disable when using custom permission schemes. nextedy.risksheet.branchingSupportboolean falseEnables support for Polarion branched documents and baseline comparisons. nextedy.risksheet.disable_admin_checkboolean falseWhen true, restricts the “Configure” action to project administrators only. nextedy.risksheet.editableReferencedWorkItemsboolean falseAllows editing of referenced work items on branched RISKSHEETs (requires v23.3.3+). nextedy.risksheet.checkInstanceFieldPermissionsboolean falseEnables field-level access control. Disabled by default due to performance impact. nextedy.risksheet.checkLinkRoleComplianceboolean falseEnables validation of multiple link roles for item link columns (v24.2.2+). nextedy.risksheet.downstreamFromRevisionboolean falseFreezes downstream items at baseline revision time instead of showing latest versions. nextedy.risksheet.moduleOnlyPermissionsboolean falseImproves loading performance by checking only document permissions instead of item-level permissions (v24.8.5+). nextedy.risksheet.loadTasksFromDocumentboolean falseWhen true, loads tasks only from a specific document rather than searching all available tasks (v23.8.3+). nextedy.risksheet.includeProjectBaselinesboolean falseEnables baseline comparison functionality in the History menu (v24.2.0+). nextedy.risksheet.isSearchAllFieldsWhenSearchingLinkedItemsboolean falsePerforms full-text search across all work item fields when searching for items in itemLink columns. Disable to search by ID and title only. nextedy.risksheet.isSuggesterFuzzySearchingboolean trueEnables fuzzy/similarity search in the text field suggester. When disabled, only exact matches appear. nextedy.risksheet.isSuggesterWildcardSearchingboolean trueEnables wildcard searching in the suggester. When true, partial word matches (“test” matches “testing”). nextedy.risksheet.isSuggesterKeywordsMandatoryboolean falseWhen true, all search keywords must be present. When false, the suggester finds the best matches even if some keywords are missing. nextedy.risksheet.upstreamChainsstring (empty) Enables extra relationship chains between upstream work items. Format: ItemType1-linkRole-ItemType2 (comma-separated for multiple chains). Example: harm-relates_to-hazard
Document Configuration Defaults These are the default values applied when a property is not explicitly defined in the document’s risksheet.json configuration file.
Global Settings Property Type Default Description global.readonlyboolean falseForces the entire RISKSHEET into read-only mode when viewing historical revisions. global.refreshOnSaveboolean falseAutomatically refreshes the RISKSHEET after saving changes. global.culturestring (system locale) Localization culture code (e.g., en-US, de-DE). global.addAsSubmenuboolean falseDetermines if RISKSHEET appears as a submenu item in the Polarion interface. global.suggestTextFieldsboolean falseEnables autocomplete/suggester functionality for text field columns. global.helpstring (empty) URL or path to custom help documentation for this RISKSHEET configuration.
Property Type Default Description headers.rowHeader.widthnumber 90Width in pixels of the row header column. headers.rowHeader.rendererstring (default) Custom renderer class or script for row header cells. headers.columnHeader.heightnumber (auto) Height in pixels of the column header row. When not specified, adapts to content. headers.columnGroupHeader.heightnumber (auto) Height in pixels of the column group header row. When not specified, adapts to content.
Column Defaults Property Type Default Description columns[].levelnumber 1Hierarchical level at which this column appears. columns[].canCreateboolean trueFor itemLink/multiItemLink columns, allows creating new linked items directly from cells. columns[].filterableboolean trueAllows users to filter the RISKSHEET by this column’s values. columns[].readOnlyboolean falseWhen true, prevents editing. Automatically set to true for formula columns, server-rendered columns, system fields, and when permissions deny modification. columns[].widthnumber (auto) Column width in pixels. When not specified, width adapts to content. columns[].typestring (auto-detected) Data type of the column. Automatically inferred from Polarion field type if not specified. columns[].idstring (auto-generated) Unique identifier for the column. Auto-generated from header or binding if not specified.
Data Types Configuration Property Type Default Description dataTypes.risk.typestring (required) Polarion work item type(s) for risk items (comma-separated for multiple). Evaluated through PolarionExpressionEvaluator. dataTypes.risk.rolestring (required) Link role used when creating relationships to risk items. Evaluated dynamically. dataTypes.risk.removeStrategystring deleteStrategy for removing risk items: delete (permanent removal) or alternative methods. dataTypes.risk.rejectedActionstring rejectWorkflow action to execute when a risk item is rejected during review. dataTypes.risk.rejectedStatusstring rejectedStatus value to set when a risk item is rejected. dataTypes.risk.rejectedResolutionstring invalidResolution value to set when a risk item is rejected. dataTypes.task.typestring (optional) Polarion work item type(s) for mitigation tasks (comma-separated for multiple). Evaluated through PolarionExpressionEvaluator. dataTypes.task.rolestring (optional) Link role used when creating relationships to task items. Evaluated dynamically. dataTypes.task.showInMenuboolean trueControls whether task creation options appear in context menus. dataTypes.task.zoomColumnstring (none) Column ID used to identify task items in zoom/focus operations.
Levels Configuration Property Type Default Description levels[].namestring (required) Display name for this hierarchical level in the RISKSHEET navigation. levels[].controlColumnstring systemItemIdColumn ID used to control expand/collapse behavior for this level. levels[].zoomColumnstring (none) Column ID that identifies items at this level for zoom/focus operations. levels[].showInMenuboolean trueControls whether this level appears in the RISKSHEET navigation menu.
Review Configuration Property Type Default Description reviews.reviewManagerstring (none) Specifies which review manager implementation to use: comment-based, workitem-based, or approval-based. When not set, reviews are disabled. reviews.typePropertiesobject (empty) Configuration object defining review-specific type properties for linking and querying reviewed items.
When embedding RISKSHEET as a Polarion page component, these widget parameters have default values:
Parameter Type Default Description documentIdstring (current document) Polarion document ID to display. If omitted, shows the current document. projectIdstring (current project) Polarion project ID containing the document. If omitted, uses the current project context. revisionstring (current) Specific document revision to display. If omitted, shows the latest version. readonlyboolean falseForces read-only mode regardless of user permissions. configPathstring (auto-resolved) Path to custom risksheet.json configuration. If omitted, uses template or document configuration.
Example: Default Configuration When you create a new RISKSHEET document without any explicit configuration, the system applies these core defaults:
{ "global" : { "readonly" : false , "refreshOnSave" : false , "suggestTextFields" : false }, "headers" : { "rowHeader" : { "width" : 90 } }, "dataTypes" : { "risk" : { "removeStrategy" : "delete" , "rejectedAction" : "reject" , "rejectedStatus" : "rejected" , "rejectedResolution" : "invalid" }, "task" : { "showInMenu" : true } }, "columns" : [] }
Defaults are progressively overridden as you move through the configuration hierarchy (global → template → document). You only need to specify values that differ from the defaults at each level.
Setting nextedy.risksheet.checkInstanceFieldPermissions to true provides field-level security but impacts performance. Enable only if you have complex custom permission schemes.
See also:
KB Articles Source Code
PolarionAppConfigManager.javaRisksheetViewServlet.javaShowConfigurationCommand.tsAppConfigParser.tsSystemConsts.java 
