click to fix - not working on tap pkg

Question

click to fix - not working on tap pkg

remy opened this issue 5 years ago · 2 comments

remy commented 5 years ago

Two points here:

Clicking didn't do anything, I had to go away from the decoration and to the 'tap' line, hover, open menu, then select 'fix'.
From there, it says there's no rememdiation available - so it can't actually be fixed.

Answer 1 · 2020-09-23T23:25:47.000Z

One other issue is that "fix vuln" shows even though a vulnerability is not fixable:

I'm happy to make a PR to fix this, but I'm not sure what it should say instead

Answer 2 · 2021-01-05T02:29:22.000Z

Maybe "Remediation options"? I checked a few in my own repos, and it seems to provide some additional details (but less than the page at "Learn about this vulnerability") with either

"Possible remediation" with version candidates (including when there's a patch meant to fix the vuln) or
"No remediation available."

The extension already expects people to know the term "remediation" once they click on the button, so it's not introducing any new language complexity to use it here. It would also still be shorter than the following text string, so space shouldn't be an issue.