Version Recommendations for CVE-based Detections | Voters

Version Recommendations for CVE-based Detections

planned

Jake McNeil

One advantage other tools offer is suggesting which version to bump a package to. Integrating this feature would decrease the research time needed by our team, and I believe it could be a valuable addition to Socket as well.

Created by Feross Aboukhadijeh (Socket)

August 22, 2023

Feross Aboukhadijeh (Socket)

For CVEs, we now show the affected version ranges in the alert properties. This isn't quite a "recommended version" but should make it easier to find the best version to upgrade to.

Feross Aboukhadijeh (Socket)

marked this post as

planned

This was already a planned roadmap feature. Glad it's now tracked in our public feature tracker.