Security policy results
A newly assigned policy, or changes to a policy, apply when the Project is re-scanned. This is what Project collaborators see when an action is applied to a vulnerability:
| Action | What Project collaborators see |
| --- | --- |
| Change severity to… | The new severity, as well as the originally assigned severity |
| Ignore current and future instances | An ignored issue will look the same as a manual ignore, but it will be labelled “ignored by security policy” |

For an issue in a project page that’s been ignored by a security policy:

Issue ignored by security policy
Custom and original severity in the CLI

Custom and original severity in Project Page UI

Custom and original severity in Open Fix PR UI

Custom and original severity in Reports
