•  
      request #31123 Automate scanning for known vulnerabilities in dependencies
    Infos
    #31123
    Thomas Gerbet (tgerbet)
    2023-03-08 18:35
    2023-03-08 12:34
    32727
    Details
    Automate scanning for known vulnerabilities in dependencies

    Goals are:

    • automating myself/give an easy way to the whole dev team to triage security issues in our dependencies
    • have a global view of the current state of dependencies so we can answer "What known vulnerabilities there is in our dependency tree"

    As a first step only PHP/Packagist, JS/npm, Rust/cargo and go dependencies will be covered.

    Dev tools
    Empty
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2023-03-08
    Attachments
    Empty
    References

    Follow-ups