Enhanced reporting:
The summary of alerts has been enhanced. The script now provides a detailed summary when alerts with a CVE exceed the EPSS threshold. It also generates a markdown summary of the alerts, which includes a table of all alerts that exceed the threshold.
Code refactoring:
Two new functions, Convert-ToOrdinalPercentile and Convert-SeverityToEmoji, have been added to the script. These functions will convert a decimal number to a percentile and a severity string to an emoji, respectively.
Improved alert handling:
The handling of Dependabot alerts has been improved. The script now retrieves all Dependabot alerts, not just those with a CVE ID. It also counts the total number of alerts and those without a CVE.
Testing:
https://github.com/vulna-felickz/log4shell-vulnerable-app/actions/runs/9814579728?pr=33#summary-27102397083
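The threshold check and Markdown table described above, sketched in PowerShell as an added example; it is not the script's own code. The function names, the flattened alert fields and all sample values are assumptions, and `Format-Percentile` and `Format-Severity` are hypothetical stand-ins for the two converters the description names.

```powershell
# Constructed sample alerts (fields flattened for the example; values are made up).
$alerts = @(
    [pscustomobject]@{ number = 1; package = 'example-lib-a'; cve = 'CVE-0000-0001'; severity = 'critical' }
    [pscustomobject]@{ number = 2; package = 'example-lib-b'; cve = 'CVE-0000-0002'; severity = 'medium' }
    [pscustomobject]@{ number = 3; package = 'example-lib-c'; cve = $null;           severity = 'high' }
    [pscustomobject]@{ number = 4; package = 'example-lib-d'; cve = 'CVE-0000-0004'; severity = 'low' }
)
# Constructed EPSS data keyed by CVE ID; epss and percentile are decimals in 0..1.
# CVE-0000-0004 is deliberately absent to show an alert that has no score yet.
$scores = @{
    'CVE-0000-0001' = @{ epss = 0.94; percentile = 0.999 }
    'CVE-0000-0002' = @{ epss = 0.02; percentile = 0.81 }
}

function Format-Percentile([decimal]$Value) {   # hypothetical helper: 0.81 -> "81st"
    $n = [int][math]::Floor($Value * 100)       # decimal math avoids 0.29 * 100 = 28.99...
    $suffix = if (($n % 100) -in 11..13) { 'th' } else {
        switch ($n % 10) { 1 { 'st' } 2 { 'nd' } 3 { 'rd' } default { 'th' } }
    }
    "$n$suffix"
}

function Format-Severity([string]$Severity) {   # hypothetical helper; emoji choice is arbitrary
    switch ($Severity) {
        'critical' { '🔴 critical' } 'high' { '🟠 high' } 'medium' { '🟡 medium' } 'low' { '🟢 low' }
        default { "⚪ $Severity" }
    }
}

function Get-EpssSummary([object[]]$Alerts, [hashtable]$Scores, [double]$Threshold) {
    # Alerts without a CVE cannot be scored, so they are counted rather than dropped.
    $noCve = @($Alerts | Where-Object { -not $_.cve })
    $over  = @($Alerts | Where-Object {
        $_.cve -and $Scores.ContainsKey($_.cve) -and $Scores[$_.cve].epss -gt $Threshold })
    $md = @(
        "Total alerts: $($Alerts.Count), without CVE: $($noCve.Count), over EPSS threshold ($Threshold): $($over.Count)"
        ''
        '| Alert | Package | CVE | Severity | EPSS | Percentile |'
        '|---|---|---|---|---|---|'
    )
    foreach ($a in $over) {
        $s = $Scores[$a.cve]
        $md += "| #$($a.number) | $($a.package) | $($a.cve) | $(Format-Severity $a.severity) | $($s.epss) | $(Format-Percentile $s.percentile) |"
    }
    [pscustomobject]@{ Markdown = $md -join "`n"; Exceeding = $over.Count; NoCve = $noCve.Count }
}

(Get-EpssSummary -Alerts $alerts -Scores $scores -Threshold 0.6).Markdown
```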