This shows in the UI the vulnerability assessments from the Vaadin Security Team:
the assessment is shown only if the dependency has the com.vaadin group-id
if the current Vaadin version is not maintained, a message is shown in place of the assessment:
This app is running with Vaadin 8.8.0 which is not currently getting security updates. Please upgrade to one of the latest maintained versions: 8.20.0, 8.20.1, 8.20.2, 8.20.3
if the dependency version has no assessments from the Vaadin Security Team, this message is shown in place of the assessment:
This vulnerability has not yet been assessed by the Vaadin Security Team. Please check later for updates.
if there is an assessment available, the status and the comment from the Vaadin Security Team are displayed.
This shows in the UI the vulnerability assessments from the Vaadin Security Team:
com.vaadingroup-id