Run osv-scanner in our github workflow #6181
Assignees
Labels
Comments
nazmulidris
added
help wanted
Component: CI/CD
hacktoberfest
|
@metaclips interesting, what extra information will this give us in addition to the other scanners we have turned on? I know the scorecard action has some relation to osv-scanner. |
|
Using osv-scanner tool in Github action should alert us if a PR brings in a vulnerable dependency, on PR/push across different programming languages. |
|
Hi, I want to work on this. Assign it to me. |
|
@milinddethe15 That's awesome, all yours. |
Merged
|
Hi @metaclips @mrinalwadhwa, can you please add HACKTOBERFEST-ACCEPTED tag? |
|
@milinddethe15 I added the label on your PR #6210 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add support to run osv-scanner as a github workflow on every pull-request and push. Instructions on running the action tool can be found here
We love helping new contributors! ❤️
If you have questions or need help as you explore, please join us on Discord. If you're looking for other issues to contribute to, please checkout our good first issues.
The text was updated successfully, but these errors were encountered: