aboutcode-org
Create a new Manage action from DejaCode Product to get a Vulnerability Summary
Objective is to improve visibility of vulnerabilities associated with Product Inventory Items and to manage them. The basic concept is roughly equivalent to the License summary currently available on a Product Inventory.
Add a "Vulnerability summary" option to the Manage dropdown on Product Inventory. Present a new form that lists the vulnerabilities associated with the Product Inventory items, including the following columns: VulnerableCode URL (same field currently displayed on a Package with a vulnerability) Summary (same field currently displayed on a Package with a vulnerability) Policy (new field -- see related issue https://github.com/nexB/dejacode/issues/97 ) Exploitability (new field -- see related issue https://github.com/nexB/dejacode/issues/98 ) Items (equivalent to the Items column on the License summary) {{other fields to be determined, such as VEX Status and a link to VEX details}}
Highlight items with an alert level policy (more details to be provided).
