New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(vulnerabilities): set, maintain and expose vulnerabilitySeverity for templated fields #21939
Conversation
Update to draft PR pushed that addresses #21937 (comment) from @Churro, albeit in a somewhat hacky method |
Demonstration repository also created - https://github.com/setchy/renovate-demo-osv-severity |
An alternate name to |
Probably that was a misunderstanding but I didn't intend to recommend the implementation a hacky solution in my comment. I'm convinced there is a more elegant way to implement this in renovate but, personally, I'd rather spend longer tinkering with a nicer solution than implementing this with a crowbar. |
I was only referring to the multiple vulnerabilities piece you pointed out. was not suggesting you recommended this method of implementation - sorry if it came across that way. 😄 as always, absolutely happy to iterate on these PRs to find the best solution. I did spend a few hours this morning trying to find the "right place" before flattening etc occurs, but need further input. |
Reworked the implementation this morning. Removed the crowbar approach 😅 Feedback of course welcomed. Demo repo updated: https://github.com/setchy/renovate-demo-osv-severity/pulls |
🎉 This PR is included in version 35.80.0 🎉 The release is available on:
Your semantic-release bot 📦🚀 |
… for templated fields (renovatebot#21939)
Changes
Set
vulnerabilitySeverity
for package rules, maintain the highest rating for the update group and expose for use in any template-eligible fields, such ascommitMessageSuffix
.Demonstration repository: https://github.com/setchy/renovate-demo-osv-severity
Context
#21937
Documentation (please check one with an [x])
How I've tested my work (please select one)
I have verified these changes via: