[Feynmanix]

It's not visible on the screenshot for some reason, but if you run the latest version, you'll notice a little underline under the CVE mention. It's actually a hyperlink (Cmd+click in iTerm2) that leads to https://osv.dev/vulnerability/CVE-2024-24762 where you can find out more.

Or are you saying you'd rather it leads to https://osv.dev/vulnerability/PYSEC-2024-38 rather than https://osv.dev/vulnerability/CVE-2024-24762 ?

[scsh]

Yes in this particular case, where I'm trying to install fastapi, I'd rather it direct me to https://osv.dev/vulnerability/PYSEC-2024-38 which is more fastapi specific and mentions that the fixed version of fast api is 0.109.1. Or even better, give the link and print the fixed version from the advisory yaml https://github.com/pypa/advisory-database/blob/main/vulns/fa...

[Feynmanix]

I'll have a look at that

[simonw]

Can it spit out a visible URL for those of us who use the default macOS terminal app?

[Feynmanix]

Yes, I can! Will be in the next release