
Fix: #900. Add dependency checks

Open ioggstream opened this issue 3 years ago • 1 comments

This PR

  • adds informative OWASP dependency checks in CI

Note

You can enforce validation output and block deployment when insecure deps are found.

ioggstream, Oct 24 '22 13:10

+1, but I would rather run this in a separate CI job. Making this check part of the general build job may break PRs from people who are not in charge of maintaining the dependencies.

Also what about running this on a nightly basis instead of with each PR or code change?

christophd, Jan 19 '23 21:01

Uff, this PR has been open for a long time with no activity. Closing ...

christophd, Apr 24 '24 09:04