sbp opened a new issue, #248: URL: https://github.com/apache/tooling-trusted-releases/issues/248
Following on from #87, we need to improve the very basic OSV scanner. Currently all vulnerabilities are reported as one potentially very long list. We should consider whether we can categorise or theme these. For release managers, it's going to be very difficult to know which vulnerabilities are really applicable to the released system, what the priorities are, whether the vulnerabilities are already known by the team or are new, etc. Things like release date, the lifting of the embargo, would be helpful to display and potentially allow sorting by. In short, there is a lot of room for improvement.
