Also, there seems to be no matching category for this post.
At least it was not obvious to me which to choose. Please correct if necessary.
And: It may be a nice feature to capitalize the first letter of each thread title.
But in cases like this, it would be nice to at least be able to correct the title.
Unstable vs. insecure - these are independent dimensions.
There is a lot of “unstable” open source software: In most projects I use the “latest version” (that the dev team bundled, such as a NC beta 4, I’m not talking about automated daily builds here) IS secure. In fact, in many cases security bugs are fixed on trunk first, and immediately after that in production releases (and backports).
So the scanner should report more clearly.
Yes, this is a RFE proposal only, I can live with how it is and interpret the output.
Did you run a re-scan already? The security scanner seems to be a one-time-scanner which you manually trigger. Afterwards you only see the last scan results and need to perform a new scan.
There should be a timestamp for the latest scan, that helps you identify if the version detection is wrong or the scan didn’t run.
YES! I totally missed that TINY GRAY yin-yan-arrow symbol and the timestamp. Thanks for the hint. Re-scanning now.
If any ADMIN listens, PLEASE make that hint more prominent (at least if the scan is older).
Also, there should be a bug tracker on github for the scaner!
Even after rescanning, scan still shows “NOT on latest patch level”, which is WRONG for the beta channel.