I’d like to advocate a change to the Security Hotspot review workflow. It would be beneficial to be able to resolve a hotspot as a vulnerability type issue. With the review done, the reviewer uses own judgement in the context of the project to formally note it’s a must-be-fixed item.
Based on the discussion in
it seems like there’s ongoing development. Is there a development roadmap you can share?