oss-review-toolkit / ort

A suite of tools to automate software compliance checks.
https://oss-review-toolkit.org
Apache License 2.0

Show vulnerability severity value in Web-App-Reporter #6406

Open hanna-modica opened 1 year ago

hanna-modica commented 1 year ago

When using the scan-report-web-app.html, it gives a good overview of security vulnerabilities, but only coloured icons indicate the severity. The actual value can only be found out in the AsciiDoc_vulnerability_report.pdf. It would be nice to have a new column where the severity provided by the security provider is displayed.

mnonnenmacher commented 1 year ago

I would prefer to implement this as a tooltip instead of a separate column. The same applies not only to the vulnerability severity but also to issues and rule violations.

Ragamuffin85 commented 1 year ago

I think you're right - "Tooltip"/"Mouse over" would do the trick. At least for the user it would be great to get a feeling about the real values ❤️

I was also thinking about showing two values - depending on the applied Vuln. Databases, values could differ, and therefore a "Min" and "Max" value would be great.

The attached picture contains the initially proposed "column-based-solution" but would also apply to Tooltips ;-)

d0ms0n commented 1 year ago

The "column-based-solution" would be nice! Any updates on this?