Security Bot Enhancement - Notify Severity Changes for Existing Vulnerabilities

Proposal

The current behavior of the security bot confuses development teams: when it comments on an existing vulnerability whose severity has changed, the comment gives no context that distinguishes it from a newly discovered finding. To address this, we propose the following enhancement:

  1. The security bot should explicitly state when it's reporting on existing vulnerabilities that have changed in severity.
  2. The bot should provide context about the severity change, including the previous and new severity levels.
  3. A clear distinction should be made between new vulnerabilities and existing ones with changed severity.

This feature would help reduce confusion for app development teams and allow them to prioritize their responses more effectively.
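To make the proposed behavior concrete, the following added example (illustrative code, not the security bot's actual implementation) compares two scan results, labels each current finding as new, unchanged, or changed in severity, and renders a comment that keeps new and changed findings in separate sections with the previous and new severity shown. The severity scale, the `Finding` structure, and the sample scans are assumptions constructed for the example.

```python
from dataclasses import dataclass
from typing import List

# Severity scale, lowest to highest (assumed ordering for this illustration).
SEVERITY_RANK = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

@dataclass(frozen=True)
class Finding:
    identifier: str   # stable id for the vulnerability across scans
    severity: str

def classify_findings(previous: List[Finding], current: List[Finding]) -> List[dict]:
    """Label each current finding 'new', 'severity_changed' (with previous
    and new severity and the direction of the change) or 'unchanged'."""
    prior = {f.identifier: f.severity for f in previous}
    results = []
    for f in current:
        old = prior.get(f.identifier)
        if old is None:
            results.append({"id": f.identifier, "status": "new", "severity": f.severity})
        elif old != f.severity:
            direction = "escalated" if SEVERITY_RANK[f.severity] > SEVERITY_RANK[old] else "downgraded"
            results.append({"id": f.identifier, "status": "severity_changed",
                            "previous": old, "severity": f.severity, "direction": direction})
        else:
            results.append({"id": f.identifier, "status": "unchanged", "severity": f.severity})
    return results

def render_comment(entries: List[dict]) -> str:
    """Build the bot comment; unchanged findings are omitted, new and changed ones are separated."""
    new = [e for e in entries if e["status"] == "new"]
    changed = [e for e in entries if e["status"] == "severity_changed"]
    lines = []
    if new:
        lines.append("New vulnerabilities:")
        lines += [f"- {e['id']}: {e['severity']}" for e in new]
    if changed:
        lines.append("Existing vulnerabilities with changed severity:")
        lines += [f"- {e['id']}: {e['previous']} -> {e['severity']} ({e['direction']})" for e in changed]
    return "\n".join(lines)

# Constructed sample scans (placeholder identifiers, not real findings).
PREVIOUS = [Finding("finding-a", "medium"), Finding("finding-b", "low")]
CURRENT = [Finding("finding-a", "high"), Finding("finding-b", "low"), Finding("finding-c", "critical")]

if __name__ == "__main__":
    print(render_comment(classify_findings(PREVIOUS, CURRENT)))
```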