From 9631664b70531b8ee700dc65e4121312abc42348 Mon Sep 17 00:00:00 2001
From: Kelvin Chappell <kelvin.chappell@theguardian.com>
Date: Tue, 11 Feb 2025 16:24:37 +0000
Subject: [PATCH] fix: Severity of vuln correctly reported (#1434)

---
 packages/repocop/src/remediation/vuln-digest/vuln-digest.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/repocop/src/remediation/vuln-digest/vuln-digest.ts b/packages/repocop/src/remediation/vuln-digest/vuln-digest.ts
index fb3f6644e..32301e9f4 100644
--- a/packages/repocop/src/remediation/vuln-digest/vuln-digest.ts
+++ b/packages/repocop/src/remediation/vuln-digest/vuln-digest.ts
@@ -37,7 +37,7 @@ function createHumanReadableVulnMessage(vuln: RepocopVulnerability): string {
 
 	const cveHyperlink = vuln.cves[0] ?? 'no CVE provided';
 
-	return String.raw`[${removeRepoOwner(vuln.full_name)}](https://github.com/${vuln.full_name}) contains a high severity vulnerability, ${cveHyperlink}, from ${vulnHyperlink}, introduced via ${ecosystem}.
+	return String.raw`[${removeRepoOwner(vuln.full_name)}](https://github.com/${vuln.full_name}) contains a ${vuln.severity} severity vulnerability, ${cveHyperlink}, from ${vulnHyperlink}, introduced via ${ecosystem}.
 There are ${daysToFix} days left to fix this vulnerability. It ${vuln.is_patchable ? 'is ' : 'might not be '}patchable.`;
 }