Open CommunityBridge Vulnerability Detection

Vulnerability Detection detects vulnerabilities in CommunityBridge projects. Projects that are part of the CommunityBridge receive free daily scans via the Vulnerability Detection service in order to detect vulnerabilities in code repositories as well as library dependencies. CommunityBridge projects include a Vulnerability Report, which gives an overview of vulnerability severities.

Only project maintainers can access Vulnerability Detection details to gain visibility into open security issues and paths to remediation.

As a project maintainer, you can access vulnerability scan details for projects based on the CommunityBridge service you opted while enrolling your project:

Note: If you are not a project maintainer and/or not authorized to see vulnerability report for a project, you can request access to see vulnerability scan details.

Projects applied to CommunityBridge Funding

To see vulnerability scan deatils for projects applied to CommunityBridge Funding:

1.Sign In to CommunityBridge Funding website.

2.From dashboard, click a project of interest or navigate to your user account and select My Projects to see your projects.

My Projects

3.A dashboard shows various aspects of the project including a Vulnerability Report.

4.Navigate to the Vulnerability Report card, and click a severity level. Note: Log in if a Login Now prompt appears. CommunityBridge Vulnerability Detection appears and shows the Overview dashboard.

5.Access other dashboards by selecting a menu name to investigate vulnerabilities by using the data in the dashboards

Projects applied to CommunityBridge Vulnerability Detection

To see vulnerability scan details for projects applied to CommunityBridge Vulnerability Detection:

  1. Sign in to CommunityBridge Vulnerability Detection website. A dashboard shows various aspects of the project, and a Vulnerability Report.

  2. Navigate to your user account and select My Projects to see your projects.

  3. On a project card of interest, click See Details. Vulnerability Detection details appear and shows the Overview dashboard.

  4. Access other dashboards by selecting a menu name to investigate vulnerabilities by using the data in the dashboards.

Security Dashboard

Requesting Access to view Vulnerability Report

If you are not authorized to see vulnerability report for a project, Not Authorized pane appears when you click Contributor Login on a project of interest. To request access:

  1. Click Request Access. CommunityBridge Vulnerability Detection help center request form opens.

  2. Complete all the fields, and click Create. CommuntiyBridge support team reviews your request and informs you about your access permission.