Skip to content

Define id for vulnerability

Cameron Swords requested to merge add_id_to_vulnerabilities into master

Vulnerabilities are not defined by their attributes, but rather by a thread of continuity and identity. For example, when a remediation fixes a vulnerability it is important to know exactly which vulnerabilities were fixed.

For this reason, it is important to have unique identifiers on each vulnerability. This changes adds an id field to vulnerability, with the suggestion that a UUID is a good candidate for the value.

id is not required yet, as cve has yet to be deprecated.

Merge request reports

Loading