foundation icon indicating copy to clipboard operation
foundation copied to clipboard

Published 20 hours ago verified publisher icon cncf

Audit and Automate license scanning of CNCF projects

Open idvoretskyi opened this issue 5 years ago • 3 comments

FOSSA license scanning for all the repos (that include code) in the CNCF project organizations should be enabled: https://github.com/fossas/fossa-cli

idvoretskyi avatar Sep 01 '20 14:09 idvoretskyi

@idvoretskyi FYI this should be "license scanning" where FOSSA is one option.

We have some projects that use Snyk and WhiteSource already and those are fine options too.

caniszczyk avatar Sep 01 '20 14:09 caniszczyk

@caniszczyk good point, thanks!

idvoretskyi avatar Sep 01 '20 14:09 idvoretskyi