Section to provide explanation when dismissing Dependabot alerts. #13363
Unanswered
RLburrito asked this question in Code Security
Replies: 2 comments
-
Plus one! An other section where users can provide custom notes on why they are dismissing it, or more insight into why the risk is mitigated elsewhere, would definitely be useful
-
This would be excellent! When marking alerts as "Risk is tolerable to this project" it's nice to know why that is the case. This is especially important for security teams so they can ensure downstream teams have done their due diligence investigating the issue and confirming that the vulnerability isn't exploitable. Appreciate all the work on Dependabot!
-
Please add a section to provide an explanation when dismissing Dependabot alerts, especially in cases where none of the reasons available apply, and have the reasoning appear in the Closed alerts section. Adding "Other" would also be okay.