...

According to the user-defined match and actions, a policy can be configured to approve or reject the library, depending on its level of risk.

NOTE: You can set up customized Workflow Rules for all or a selected list of WhiteSource products or projects which will generate fix Pull Requests based on vulnerability severity or CVSS score. For details, see here.

...

Each organization can decide its own policies (at the organizational, product or project level) about which security issues and vulnerabilities are acceptable, depending on their severity level, and which specific actions should be taken to handle them. For example, if the policy matches a library that contains specific licenses, you can approve or automatically reject it.

...