Jenkins Security Advisories - UX Improvement Suggestions

[FredG]

Hi,

Thanks for the very thorough Jenkins security advisories.

Unfortunately, I find myself scrolling up and down a lot, when trying to find out the severity of an issue while reading it's description. That the order of the issues differs between the description section and the severity section does not help either. ;)

I'd suggest to add the severity to each issue's description to avoid the scrolling. If there is no added value in the separate severity section, than maybe getting rid of it entirely makes sense as well.

Regards,

Fred

[Daniel Beck]

> On 14. Jan 2021, at 17:58, 'FredG' via Jenkins Developers <jenkin...@googlegroups.com> wrote:
>
> I'd suggest to add the severity to each issue's description to avoid the scrolling. If there is no added value in the separate severity section, than maybe getting rid of it entirely makes sense as well.

Thanks for the feedback, I'll do that. I'm pretty sure I even have some work in progress for this somewhere, and then I wanted to move affected/fixed components too, but that ended up being more difficult, and I didn't do either in the end... Time to restart this!

(Meanwhile, as a workaround, you could view the page source. Unlike most jenkins.io stuff, the page is basically generated from front matter (metadata) using the page template. So if you can read YAML somewhat well, that is already grouped like you expect.)

[FredG]

Thanks Daniel!

I think I'll wait for the human-readable version. :D

[FredG]

Sorry to resurrect this thread from the dead.

More than one year later, the security advisories still suffer from the same issues.

Especially security advisories for a large number of plugins like https://www.jenkins.io/security/advisory/2022-02-15/ are hard to read, when the severity is only mentioned in a list at end.

Hopefully the format/structure of the security advisories can be improved in the near future. TIA

Regards,

Fred