Separate scanning alerts for vulnerabilities

Open ianlewis opened this issue 2 years ago • 5 comments

Currently the results of vulnerability reports result in a single code scanning alert on GitHub. It would be nice to have each vulnerability split out into a separate alert so that each could be responded to individually.

ianlewis avatar Apr 10 '23 00:04 ianlewis

@laurentsimon, aren't you working on the results? Can this also be part of that?

naveensrinivasan avatar Apr 10 '23 14:04 naveensrinivasan

This won't be part of the first code changes, unfortunately. We will need to integrate the new results into SARIF. This will be a breaking change, so it will take a bit of time. But we could add special handling code for the check in the meantime.

laurentsimon avatar Apr 10 '23 23:04 laurentsimon

Stale issue message - this issue will be closed in 7 days

github-actions[bot] avatar Sep 16 '23 01:09 github-actions[bot]

This issue is stale because it has been open for 60 days with no activity.

github-actions[bot] avatar Nov 25 '23 01:11 github-actions[bot]

This issue has been marked stale because it has been open for 60 days with no activity.

github-actions[bot] avatar May 17 '24 01:05 github-actions[bot]