Experience-Monks / adviser-plugin-dependencies

Adviser plugin with rules to ensure the use of healthy dependencies
MIT License

[min-vulnerabilities-allow] consider only report when there is a fix #10

Open neo opened 4 years ago

neo commented 4 years ago

current: report all, then put the non-fixables into skip, and people tend to forget about them

hoping: only report the fixable ones, or only error out on the fixable ones, so that people don't grow the skip list and have them remain unfixed

related: https://github.com/Jam3/nyg-nextjs/issues/13

iranreyes commented 4 years ago

I like the idea as another option, more like a "silent". Because even if not fixable, sometimes you want to know there is a vulnerability. Maybe add a message saying the vulnerabilities are skipped, or a status about it.

neo commented 4 years ago

makes sense makes sense! good idea!!

neo commented 4 years ago

still wanting this 😝
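
The policy discussed in this thread (fail only on vulnerabilities that have a fix, but still surface the unfixable ones as a status message), sketched as an added example that is not part of the issue or the plugin's code. It assumes input in the shape of `npm audit --json` from npm 7+, where each entry carries a `fixAvailable` field; the function name `evaluateAudit`, its options `minSeverity` and `failOnMajorFix`, and the sample packages are hypothetical.

```javascript
// Added example: hypothetical policy check, not adviser-plugin-dependencies code.
const SEVERITY_RANK = { info: 0, low: 1, moderate: 2, high: 3, critical: 4 };

// Constructed sample in the shape of `npm audit --json` (npm 7+) output.
const sampleReport = {
  vulnerabilities: {
    'pkg-a': { name: 'pkg-a', severity: 'high', fixAvailable: true },
    'pkg-b': { name: 'pkg-b', severity: 'critical', fixAvailable: false },
    'pkg-c': { name: 'pkg-c', severity: 'moderate',
      fixAvailable: { name: 'parent-pkg', version: '2.0.0', isSemVerMajor: true } },
    'pkg-d': { name: 'pkg-d', severity: 'low', fixAvailable: true },
  },
};

// Splits findings at or above minSeverity into fixable (fail the check)
// and unfixable (reported as a warning so they stay visible without a skip list).
function evaluateAudit(report, { minSeverity = 'moderate', failOnMajorFix = true } = {}) {
  const threshold = SEVERITY_RANK[minSeverity];
  if (threshold === undefined) throw new Error(`unknown severity: ${minSeverity}`);
  const fixable = [];
  const unfixable = [];
  for (const vuln of Object.values(report.vulnerabilities || {})) {
    const rank = SEVERITY_RANK[vuln.severity];
    // An unrecognised severity is kept, so it is never silently dropped.
    if (rank !== undefined && rank < threshold) continue;
    const fix = vuln.fixAvailable;
    // fixAvailable is true, false, or an object describing the upgrade.
    const hasFix = fix === true ||
      (fix !== null && typeof fix === 'object' && (failOnMajorFix || !fix.isSemVerMajor));
    (hasFix ? fixable : unfixable).push(vuln.name);
  }
  const messages = [];
  if (fixable.length) {
    messages.push(`error: ${fixable.length} with a fix available: ${fixable.join(', ')}`);
  }
  if (unfixable.length) {
    messages.push(`warning: ${unfixable.length} without a fix (not failing): ${unfixable.join(', ')}`);
  }
  return { failed: fixable.length > 0, fixable, unfixable, messages };
}

console.log(evaluateAudit(sampleReport).messages.join('\n'));
```

Because the unfixable findings are recomputed on every run, one of them starts failing the check as soon as the registry reports a fix for it, which a hand-maintained skip list does not do.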