Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Qualify vulnerability references better #1637

Open
pombredanne opened this issue Nov 6, 2024 · 1 comment
Open

Qualify vulnerability references better #1637

pombredanne opened this issue Nov 6, 2024 · 1 comment

Comments

@pombredanne
Copy link
Member

pombredanne commented Nov 6, 2024

From a chat with @mjherzog :

We are returning in some cases too many references - Reference URLs. The volume of data can be overwhelming for popular vulnerabilities.

Eventually we need to qualify, sort and triage these references to make it easier to "triage" the references to focus on the higher value references. For example GitHub commit or pull request references should be very helpful if you are trying to analyze the impact of a vulnerability on your code, but references to discussion threads may be tangential.

It could also mean moving some references to packages or to the package-advisory intersection and create dedicated models for some reference data types.

@mjherzog
Copy link
Member

mjherzog commented Dec 4, 2024

Any list of references should allow you to filter or sort by Reference Type.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants