You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi @MPV, apologies for the delay getting back to you on this issue.
We talked about this on our livestream today, but it was a little unclear what you were hoping to accomplish, so I thought I would get a little more information and suggest something that you could do today, based on a few assumptions.
The GitHub annotations support specifying a file and line, but Grype does not capture line numbers where packages were found. It does capture files, so it would be possible to associate a vulnerability in the list to a file, but it seems like you may have just been looking for a way to show the vulnerability report in a more convenient location. If that's the case, the GitHub summary is a pretty good way to go. You could store the table output to a file, and include it in the top-level workflow like this:
Hi,
Would you consider adding support for Annotations?
See for comparison:
The text was updated successfully, but these errors were encountered: