In the PR summary, it would be nice to have a fix/patched version of the dependency, when a vulnerability is identified. The summary has vulnerability details, severity, etc. An additional column for "Patched Version" can be included as well. When a developer is looking at the summary, the patched version would help save time and avoid context switching in locating the patched version of the dependency. Today, I have to click on the "vulnerability" link that points to the GitHub advisory database, which then contains the information on patched version of the dependency. The patched version column can be next to the severity column.
virangdoshi changed the title from "Show pacthed version of dependency in the dependency review summary" to "Show patcthed version of dependency in the dependency review summary" on Aug 26, 2024
virangdoshi changed the title from "Show patcthed version of dependency in the dependency review summary" to "Show patched version of dependency in the dependency review summary" on Aug 26, 2024
In the meantime, I suggest you consider enabling Dependabot alerts for your repositories, which will alert you to vulnerable package versions, as well as suggest fixes to them.