New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security Advisories page should list all associated identifiers #1392

Closed

naderman opened this issue Sep 1, 2023 · 1 comment

Labels

Feature

Member

naderman commented Sep 1, 2023

A security advisories page, e.g. https://packagist.org/packages/symfony/http-foundation/advisories?version=2557737 should show all the related identifiers. That includes in particular our own PKSA- identifiers so one can easily copy and reference them.

We should also provide an easy way to look up an advisory through a corresponding PKSA id in the URL.

Seldaek added the Feature label

Member

Seldaek commented Oct 27, 2023

Ok the GHSA id and PKSA are shown now on https://packagist.org/packages/symfony/http-foundation/advisories?version=2557737 for example, if you click the PKSA one you get to a page referencing just that one advisory. And if you enter PKSA, GHSA or CVE id in the search it also just redirects you to that page. e.g. https://packagist.org/security-advisories/CVE-2019-18888

Seldaek closed this as completed in

2298fd4

Seldaek mentioned this issue

Security advisories: store severity #1395

Merged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment