Proposal: Generalize the new severity labels
@micah has created four levels of scoped severity labels to use to categorize the severity of security issues:
These are great!
However, one question I had was whether these labels should remain specific to security issues, or if it would be beneficial to make them generic in order to grade the severity of other problems – like bugs or UX issues, for example?
In the case of UX issues, we could map the severity labels with Nielsen's severity ratings for usability problems, which are:
- I don't agree that this is a usability problem at all
- Cosmetic problem only: need not be fixed unless extra time is available on project
- Minor usability problem: fixing this should be given low priority
- Major usability problem: important to fix, so should be given high priority
- Usability catastrophe: imperative to fix this before product can be released
Or, alternatively, we could use separate sets of scoped labels to score the severity of security issues versus UX issues, and so on – e.g. `Security::low severity` vs. `UX::low severity`, for instance.