Consider using something other than a ~~strike~~ for dismissed vulnerabilities
The security dashboard and security reports currently use strike to distinguish dismissed vulnerabilities.
This distinction is not really clear (especially for the visually impaired) so we should look at an alternative way of displaying these.
There' already been some discussion on https://gitlab.com/gitlab-org/gitlab-ee/issues/6079 but since the core of that issue is something else, it would make sense to pick up that discussion here.
New Designs
Dismissed |
---|
![]() |
Revert dismissal |
---|
![]() |
cc/ @andyvolpe @leipert @ClemMakesApps @jkarthik
The following discussion from !7910 (merged) should be addressed:
-
@leipert started a discussion: (+6 comments) HTML semantics I know that @iamphill told you to use a class instead of
<strike>
But I am wondering whether that is the right semantics. Looking at bootstraps typography we could also have used the<s>
element. But I think that wouldn't help with accessibility...@andyvolpe TBH I think we do a bad job conveying the dismissed semantic with the strike through only. People with vision impairment won't be able to see the strike-through. So we probably should somehow explicitly tell that the vulnerability is dismissed. Either by adding it to the row, as a title attribute or maybe just as a hidden element for screen readers.
Probably should be discussed in a follow-up issue...