Display TODO instead of None for CVE severity
Overview
In the Table of Fixes in the security blog post, we display the title and severity of each issue. If the CvesIssue#cvss_severity
is ever calculated to be 'None'
, we should instead display TODO
. The None
severity occurs when the CVE base score is 0.0. This is something that AppSec release managers should take note of and update the blog post since we don't want to publish None
. We use TODOs throughout the blog post to flag areas that need further info, so here we update to a TODO to catch everyones eye.