Hi, Giovanni. Personally I would be happy to have this for every repo and PR. Even though many of us regularly run "npm outdated" (or "yarn outdated") and test our work with newer libraries, having a report on known bad versions gives us a consistent "trailing edge". By that I mean that if we haven't managed to otherwise update our dependencies when snyk identifies a problem, we have a good reason to take a moment and review.
Anyway, +1 from me. Cheers, Tony On Wed, Apr 5, 2017 at 6:20 PM, Tirloni, Giovanni <[email protected]> wrote: > Snyk can monitor repositories and test new PRs for vulnerable packages. > > Is there interest in having this tool automatically monitoring our > repositories? It's free for open source project. > > https://snyk.io/docs/github > > On 10/29/2015 02:29 PM, Steve Lee wrote: > > https://snyk.io/ > > > > Steve Lee > > OpenDirective http://opendirective.com > > _______________________________________________ > > Architecture mailing list > > [email protected] > > http://lists.gpii.net/mailman/listinfo/architecture > > > > > _______________________________________________ > Architecture mailing list > [email protected] > http://lists.gpii.net/mailman/listinfo/architecture >
_______________________________________________ Architecture mailing list [email protected] http://lists.gpii.net/mailman/listinfo/architecture
