WebApp HTML Report should show number of open security vulnerabilities vs. all #5335
Comments
sschuberth
added
enhancement
|
@sschuberth Looks like we have to have another discussion about this, if I remember it correctly the last time we decided that resolved vulnerabilities would be a rule violations topic so therefore you did not want to introduce a |
|
We probably indeed need a follow-up discussion. What I remember / understood back then is that for vulnerabilities that you have to address (e.g. because of their severity) rules should be created. However, as you can resolve vulnerabilities in ORT independently of rule violations, it also makes sense to display how many vulnerabilities are unresolved. |
|
Hi everyone, I am also on @sschuberth's side and think, since those vulnerabilities are independent of the policies. Can you start the discussion? |
|
Hi everyone, |
|
@hanna-modica please ask someone from your team to add this to the agenda of an upcoming community meeting to start the discussion. |
We brought this up in the community meeting and @tsteenbe promised to implement this some time in December. |
|
Hi @sschuberth and @tsteenbe, since December has passed, can you give a new estimation, when this will probably be implemented? |
|
I'm out of the loop here, relying on @tsteenbe to answer. |
It would be nice, if the resolved security vulnerabilities could be shown in the summary of the tab (similar to the rule violations) in the form (x/y).
In the attached screenshot 4 vulnerabilities are found, all of which were accepted locally - thus it would be nice if they could be shown as (0/4) in the summary.
The text was updated successfully, but these errors were encountered: