We're continuing to investigate Github's dependency scanning.
What is the value of this?
As well as using Snyk, we'll now have dependency information available in Github. Having a few repos integrated (janus-app is already done) helps us look at how we'll manage this across the org.
Will this require CloudFormation and/or updates to the AWS StackSet?
All deployment options
- [Deploy build 2748 of `security-hq` to CODE](https://riffraff.gutools.co.uk/deployment/deployAgain?project=security-hq&build=2748&stage=CODE&updateStrategy=MostlyHarmless&action=deploy)
- [Deploy parts of build 2748 to CODE by previewing it first](https://riffraff.gutools.co.uk/preview/yaml?project=security-hq&build=2748&stage=CODE&updateStrategy=MostlyHarmless)
- [What's on CODE right now?](https://riffraff.gutools.co.uk/deployment/history?projectName=security-hq&stage=CODE)
github-actions[bot]
commented
9 months ago
What does this change?
We're continuing to investigate Github's dependency scanning.
What is the value of this?
As well as using Snyk, we'll now have dependency information available in Github. Having a few repos integrated (janus-app is already done) helps us look at how we'll manage this across the org.
Will this require CloudFormation and/or updates to the AWS StackSet?
N/A
Will this require changes to config?
N/A
Any additional notes?
N/A