Skip to content

Show vulnerabilities in transitive packages for PackageReference type projects in PMUI #8756

New issue
New issue
Closed
NuGet/NuGet.Client
#5384
Closed
Show vulnerabilities in transitive packages for PackageReference type projects in PMUI#8756
NuGet/NuGet.Client
#5384
Assignees
jebriede
Labels
Functionality:VisualStudioUIPackage Manager UI et alPriority:2Issues for the current backlog.Product:VS.ClientStyle:PackageReferenceTenet:SecurityType:Feature
Milestone
6.8
@xavierdecoster

Description

@xavierdecoster
xavierdecoster
opened on Oct 28, 2019

A developer should be able to see a package vulnerability indicator for any known vulnerability in a transitive package in their dependency graph. 95% of vulnerable dependencies are transitive ones and we should bring awareness to this to help the ecosystem shift left.

image

Metadata

Metadata

Assignees

Labels

Functionality:VisualStudioUIPackage Manager UI et alPriority:2Issues for the current backlog.Product:VS.ClientStyle:PackageReferenceTenet:SecurityType:Feature

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions