Bug - Handle scenario where dependabot alert exists with no CVE

advanced-security / dependabot-epss-action

Action to detect if any open :dependabot: Dependabot alert CVEs exceed an EPSS threshold and fail the workflow.

MIT License

2 stars 1 forks source link

Closed felickz closed 2 months ago

felickz commented 2 months ago

Handle scenario where dependabot alert exists with no CVE

As expected, this is possible to an alert withotu a CVE add a $null item to a collection: