ποΈ Grouped Issues
When organizations use the same dependencies across multiple projects or include the same dependency multiple times in a single projectβboth directly and indirectly through internal callsβand security issues are detected, addressing each issue individually can be tedious and collectively more damaging than issues in single projects. Therefore, remediating all instances at once is far more efficient and crucial. Myrror facilitates this by planning remediation for grouped issues with high priority, where fixing a single instance can enhance the security posture of the entire organization.
Myrror identifies these recurring issues across multiple repositories, which possess the same CVEs. To avoid notification overload for developers from multiple alerts for the same issue, Myrror groups these alerts. For instance, it doesnβt make sense to alert multiple times for a dependency issue when the same issue exists transitively in another dependency. By grouping these issues and addressing them one at a time across multiple locations, Myrror helps resolve the issues more efficiently.