Vulnerabilities

A metric showing the number and severity of vulnerabilities for a repository.

Available dimensions:

Data source

The source of the vulnerability data is SARIF files.

Data can be uploaded using the Code Metrics API, or the report uploader user interface.

The query is found on the Security page, which hosts a doughnut chart version of the vulnerabilities query data:

Three doughnut charts showing vulnerabilities for repo groups, split by severity