We currently have criticality for checks. However, within a check, severity may vary. For example, contents: write is more critical than status: write, for example.

I think it's feasible to tell sarif to overwrite the default check severity using the level field https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#result-object

For this to work, we need to update scorecard to report severity for each Warn: result, tracked in ossf/scorecard#1874

Related ossf/scorecard#1321
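
The override described in this issue, as an added example that is not scorecard's own code: a SARIF result's level field is set only when a finding carries its own severity, so every other finding keeps its rule's default level. The Finding type, its Severity field, the severity-to-level mapping and the use of Token-Permissions as ruleId are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Finding stands in for one Warn: result; Severity is the hypothetical per-result field ("" = none).
type Finding struct{ Check, Message, Severity string }

// Result is the subset of a SARIF 2.1.0 result object used here.
type Result struct {
	RuleID  string            `json:"ruleId"`
	Level   string            `json:"level,omitempty"` // omitted: rule default applies
	Message map[string]string `json:"message"`
}

// Assumed severity scale, mapped onto the SARIF levels error, warning and note.
var sarifLevel = map[string]string{"critical": "error", "high": "error", "medium": "warning", "low": "note"}

// ToResult sets level only when the finding carries its own severity.
func ToResult(f Finding) (Result, error) {
	r := Result{RuleID: f.Check, Message: map[string]string{"text": f.Message}}
	if f.Severity == "" {
		return r, nil
	}
	lvl, ok := sarifLevel[f.Severity]
	if !ok {
		return Result{}, fmt.Errorf("%s: unknown severity %q", f.Check, f.Severity)
	}
	r.Level = lvl
	return r, nil
}

// EffectiveLevel mirrors the consumer side: the result's level, else the rule default.
func EffectiveLevel(r Result, ruleDefault string) string {
	if r.Level != "" {
		return r.Level
	}
	return ruleDefault
}

func main() { // the findings below are constructed samples
	for _, f := range []Finding{{"Token-Permissions", "contents: write", "high"},
		{"Token-Permissions", "status: write", "low"}, {"Token-Permissions", "no severity", ""}} {
		r, err := ToResult(f)
		b, _ := json.Marshal(r)
		fmt.Println(string(b), "effective:", EffectiveLevel(r, "warning"), err)
	}
}
```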