Skip to content
This repository was archived by the owner on Oct 10, 2023. It is now read-only.
This repository was archived by the owner on Oct 10, 2023. It is now read-only.

Migrate to gosec #160

Closed
#179
Closed
Migrate to gosec#160
#179
Assignees
thepetk
Labels
area/ciAll issues related to the CI workflows
@michael-valdron

Description

@michael-valdron
michael-valdron
opened on Mar 29, 2023

Which area this feature is related to?

/area ci

Issue details

Currently, alizer uses Snyk to check for vulnerabilities in the dependencies. Migrating to use gosec and dependabot will ensure dependencies are regularly updated as well as ensuring good security in the current go source code. This also keeps it consistent with how devfile source repositories are checked.

[UPDATE] @thepetk

This issue will be focusing on gosec and we have created a separate issue for dependabot ( #180 )

Related Issues

#119

Metadata

Metadata

Assignees

Labels

area/ciAll issues related to the CI workflows

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions