Hi, Colm On Thu, Feb 3, 2022 at 1:02 PM Colm O hEigeartaigh <cohei...@apache.org> wrote: > > Hi, > > I've worked with INFRA to enable GitHub dependabot alerts for various > Apache projects. The idea is that the GitHub committers for a given > project can have access to the page on GitHub (for example for CXF: > https://github.com/apache/cxf/security/dependabot) which shows the > list of dependencies for the project with known CVEs. > > I plan to do the same for Camel on these repos: > > https://github.com/apache/camel > https://github.com/apache/camel-karaf > https://github.com/apache/camel-quarkus > https://github.com/apache/camel-spring-boot > > Any objections or anything I'm missing? If not I'll proceed with enabling it.
+1 from me, thanks Colm for looking into it, I keep seeing those on push, but I can't access the /security/dependabot page so this will be very helpful. zoran -- Zoran Regvart
