advanced-security / dependabot-epss-action

Action to detect if any open Dependabot alert CVEs exceed an EPSS threshold and fail the workflow.
MIT License

Enhancement - Show warning (fail optional) when an alert is auto-dismissed #6

Open felickz opened 2 months ago

felickz commented 2 months ago

An alert might be auto-dismissed due to a fix not being available - this is not a great reason to not show a significant failure based on EPSS scoring!

There is an auto_dismissed_at dismissed_reason status we can use to help determine this.
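One way the check requested in this issue could work, as an added example that is not the action's own code. It assumes alert objects shaped like GitHub's Dependabot alerts REST API output (`state`, `auto_dismissed_at`, `security_advisory.cve_id`) and EPSS scores supplied as a CVE-to-score mapping; the function name, the `fail_on_auto_dismissed` flag and all sample data are hypothetical.

```python
# Added example: keep auto-dismissed Dependabot alerts visible when their
# EPSS score exceeds the threshold, instead of silently skipping them.

def evaluate_alerts(alerts, epss_scores, threshold, fail_on_auto_dismissed=False):
    """Return (failures, warnings) as lists of (alert number, CVE, EPSS score)."""
    failures, warnings = [], []
    for alert in alerts:
        cve = (alert.get("security_advisory") or {}).get("cve_id")
        score = epss_scores.get(cve)
        if cve is None or score is None or score <= threshold:
            continue  # no CVE, no EPSS data, or not above the threshold
        finding = (alert["number"], cve, score)
        auto_dismissed = (alert.get("auto_dismissed_at") is not None
                          or alert.get("state") == "auto_dismissed")
        if alert.get("state") == "open":
            failures.append(finding)
        elif auto_dismissed:
            # Dismissed by a rule, not by a person: warn, or fail if opted in.
            (failures if fail_on_auto_dismissed else warnings).append(finding)
        # Alerts dismissed by a person or already fixed are left alone.
    return failures, warnings

def _alert(number, state, cve, auto_dismissed_at=None, dismissed_reason=None):
    """Build a constructed alert carrying only the fields used above."""
    return {"number": number, "state": state,
            "auto_dismissed_at": auto_dismissed_at,
            "dismissed_reason": dismissed_reason,
            "security_advisory": {"cve_id": cve}}

# Constructed sample data: placeholder CVE ids and made-up EPSS scores.
SAMPLE_ALERTS = [
    _alert(1, "open", "CVE-0000-0001"),
    _alert(2, "auto_dismissed", "CVE-0000-0002", "2024-01-01T00:00:00Z"),
    _alert(3, "dismissed", "CVE-0000-0003", dismissed_reason="tolerable_risk"),
    _alert(4, "auto_dismissed", None, "2024-01-01T00:00:00Z"),
    _alert(5, "open", "CVE-0000-0005"),
]
SAMPLE_EPSS = {"CVE-0000-0001": 0.72, "CVE-0000-0002": 0.91,
               "CVE-0000-0003": 0.80, "CVE-0000-0005": 0.01}

if __name__ == "__main__":
    failures, warnings = evaluate_alerts(SAMPLE_ALERTS, SAMPLE_EPSS, 0.6)
    for number, cve, score in warnings:  # GitHub Actions workflow commands
        print(f"::warning::auto-dismissed alert #{number} ({cve}) EPSS {score}")
    for number, cve, score in failures:
        print(f"::error::alert #{number} ({cve}) EPSS {score}")
    raise SystemExit(1 if failures else 0)
```
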