Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fail-on-severity should still show lower severity vulnerabilities #775

Open
mario-campos opened this issue Jun 3, 2024 · 0 comments
Open

fail-on-severity should still show lower severity vulnerabilities #775

mario-campos opened this issue Jun 3, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@mario-campos
Copy link

mario-campos commented Jun 3, 2024
edited
Loading

While one may want to fail the workflow run if a vulnerability meets a certain severity level, it would still be nice to see the lower severity vulnerabilities that are being introduced, if only as informational.

IIRC, the current behavior is that, when fail-on-severity is set, the Action only reports/shows vulnerabilities that meet that severity level, and ignores all others. The difference that I'm requesting is to still show the lower severity vulnerabilities, but not fail on them.
@jonjanego jonjanego added the enhancement New feature or request label Jun 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jonjanego @mario-campos