Results Inbox
Last updated
Last updated
All vulnerabilities found by SupplyShark will appear in your results inbox.
The results inbox will show you an overview that includes a package name, vulnerability type, the GitHub URL the vulnerability was found in, and the date it was found.
In some cases, the vulnerability might appear in more than one GitHub repository and this will be indicated by the +1 like in the screenshot below:
There are 2 other inboxes identical to the main inbox, "Resolved" and "Ignored", which will contain the vulnerabilities you've marked as either "Resolved" or "Ignored". The resolved inbox will also include the date the vulnerability was resolved.
You can mark a vulnerability as resolved or ignored by clicking the dropdown menu.
Each vulnerability report will contain a
description of the issue
a list of all affected github repoistories
a list of all vulnerable locations from within each repository
remediation recommendations
You can also mark the report as resolved or ignored here
We recommend marking a report as resolved after you've fixed the issue.
Overtime, your progress for resolving reports will show up in the main dashboard.
If a vulnerability is marked as resolved and then found again at a later date, a new vulnerability report will be created.
Vulnerabilities that don't you choose not to fix should be marked as "ignored". This will hide it from the main inbox and it will be in the ignored inbox in case you decide to revisit it in the future.
If a vulnerability already exists in your dashboard and is found again, it won't be reported again, so there will be no duplicates.
In some cases, if the vulnerability is found in a new repository or new location and has not yet been fixed, the report will be automatically updated and receive a new report ID since there is new information.
