Link vulnerabilities with PRs #12151
Unanswered
hfhbd
asked this question in
Code Security
If you use a vulnerable dependency and fix it by updating it in a PR, it would be nice to see a hint/link in the PR:
Additionally, Dependabot alerts could link the vulnerabilities to the PRs.
This would require running Dependabot for each PR and comparing the vulnerabilities before and after the change...