You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently each match has a type (direct, indirect, fuzzy, etc), however, we can go a step further by adding a quantified number between 0-1 that indicates how "sure" we are that the match is legitimate based on a wide variety of factors (the vulnerability data source, how close the match was to package metadata, if any generated/guessed data was used to make the match, etc).
It's not quite clear how the formula for the confidence should be determined quite yet or how it would be useful for an end user. Up for thoughts, comments, and suggestions!
The text was updated successfully, but these errors were encountered:
Currently each match has a type (direct, indirect, fuzzy, etc), however, we can go a step further by adding a quantified number between 0-1 that indicates how "sure" we are that the match is legitimate based on a wide variety of factors (the vulnerability data source, how close the match was to package metadata, if any generated/guessed data was used to make the match, etc).
It's not quite clear how the formula for the confidence should be determined quite yet or how it would be useful for an end user. Up for thoughts, comments, and suggestions!
The text was updated successfully, but these errors were encountered: