- changed status to resolved
Mark the dependency with the security vulnerability
One of my projects has a "known security vulnerability" reported. Currently it is not possible to see which dependency is raising this issue, correct? Since the alert about a vulnerability is would great feature I would like to see which dependency is causing this.
Comments (7)
-
reporter -
reporter - changed status to open
Ok, I am confused. I see the tab when I click the link in the "Security Notifications"-mail, but I don't see it when I go to my projects using the "My projects" button on the web site.
The affected project is a now merged child project of another project, may that is that reason why?
-
@jdoose Can you post a link to the project? I would like to take a closer look.
-
reporter I'd prefer not to post them here, I'll send you the links via mail. ;)
-
Hi @JCarsique. I guess that's the same issue. the "child=summary" is a summary view about alle child projects. It hides all "green" dependencies and shows you all the "red" and "yellow" stuff in a compact view.
I guess this missing security issues is related to the API. Projects who are not updated/created via the API are not affected. Currently debugging this.
-
Hi @JCarsique. Your bug is fixed now. There was a bug in the summary view. The security infos only showed up if the dependency was out-dated as well. This is fixed now.
@jdoose I guess your bug still exists. But I'm working on a solution.
-
- changed status to resolved
@jdoose I guess it is fixed now. Project which have been created/updated via the API have lost detail information about their security flaws. Please update your projects again via the API and confirm that it's fixed now.
- Log in to comment
Feature already there.
My bad, I missed the "Security"-tab! Sorry!