Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Show only vulnerable dependencies by default #30

Open
DarthHater opened this issue Jun 9, 2020 · 1 comment
Open

[FEATURE] Show only vulnerable dependencies by default #30

DarthHater opened this issue Jun 9, 2020 · 1 comment
Assignees
@gmohre
Labels
enhancement New feature or request help wanted Extra attention is needed
Milestone
v0.1.0

Comments

@DarthHater
Copy link
Member

  • What are you trying to do?

From user testing, we heard that it would be nice to only show vulnerable dependencies found, which is similar to how bundler-audit and other tools function.

  • What feature or behavior is this required for?

This just makes the tool more like other unix tooling, giving only actionable information to someone

  • How could we solve this issue? (Not knowing is okay!)

It still makes sense to have a mode that outputs the non vulnerable dependencies, I would introduce a flag like --loud where you can get the full output!

In the other tools, we also grouped the dependencies such that it was:

Non Vulnerable Dependencies

....list

Vulnerable Dependencies

....list

SUMMARY TABLE

I think it makes sense to do the same thing here!

  • Anything else?

Have a blast! Hit me up if you need any questions answered!

cc @bhamail / @DarthHater / @brittanybelle / @gmohre
@DarthHater DarthHater added enhancement New feature or request help wanted Extra attention is needed labels Jun 9, 2020
@gmohre gmohre self-assigned this Jun 12, 2020
@DarthHater DarthHater added this to the v0.1.0 milestone Jun 17, 2020
@gmohre gmohre mentioned this issue Jun 22, 2020
Merged
@gmohre
Copy link
Contributor

gmohre commented Jun 22, 2020

#33

gmohre added a commit that referenced this issue Jun 28, 2020
@gmohre
Merge pull request #33 from sonatype-nexus-community/feature-30
c269787 
[FEATURE] Show only vulnerable dependencies by default #30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gmohre gmohre

Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
v0.1.0
Development

No branches or pull requests
2 participants
@gmohre @DarthHater