htrgouvea / zarn

A lightweight static security analysis tool for modern Perl Apps
https://heitorgouvea.me/2023/03/19/static-security-analysis-tool-perl

Add SCA to monitor dependencies #9

Open htrgouvea opened 10 months ago

htrgouvea commented 10 months ago

Using an SCA (Software Composition Analysis) is super important for code integrity and application security. There is no SCA present in this repository yet, so I am opening this issue to plan this activity.

Reference: https://owasp.org/www-community/Component_Analysis

andersonbosa commented 10 months ago

I have separated some tools that I believe we could use here, but we still need to evaluate Perl support. I also noticed that @htrgouvea started a new tool warn-cpan.

Some SCA tools free for our use here:

And if it becomes necessary to install a security gate in the future, we could use something like SecurityGoat.
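To make concrete what "SCA to monitor dependencies" means for a Perl project, here is an added example of the minimal check such a tool performs; it is not part of this thread and not zarn's code. It parses a constructed cpanfile, compares each declared module against constructed installed versions and a constructed advisory feed (the `EXAMPLE-*` identifiers and ranges are placeholders, not real advisories), and reports modules that miss their declared minimum or fall inside an affected range. Version comparison is simplified to dotted-tuple ordering, which does not reproduce every quirk of Perl's `version.pm`.

```python
"""Minimal software-composition check for a Perl project (added example).

Reads `requires` lines from a cpanfile, looks up what is installed, and
flags modules that are below the declared minimum or inside an advisory's
affected range. Everything below is constructed sample data.
"""
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample cpanfile (not zarn's real cpanfile).
CPANFILE = """
requires 'Mojolicious', '>= 9.0';
requires 'JSON::PP';
requires 'YAML', '1.30';
on 'test' => sub {
    requires 'Test::More', '0.98';
};
"""

# Constructed installed versions, as `cpanm --info` or `perl -MYAML -e 'print $YAML::VERSION'` would report.
INSTALLED = {
    "Mojolicious": "9.22",
    "JSON::PP": "4.16",
    "YAML": "1.29",
    "Test::More": "1.302190",
}

# Constructed advisory feed: placeholder identifiers and ranges, not real CVEs.
# A real SCA tool pulls these from a vulnerability database.
ADVISORIES = [
    {"id": "EXAMPLE-2023-0001", "dist": "YAML", "affected": "< 1.30"},
    {"id": "EXAMPLE-2023-0002", "dist": "Mojolicious", "affected": ">= 9.0, < 9.10"},
]

REQUIRES_RE = re.compile(
    r"""^\s*requires\s+['"]([\w:]+)['"]\s*(?:,\s*['"]([^'"]+)['"])?\s*;"""
)


def parse_cpanfile(text: str) -> Dict[str, Optional[str]]:
    """Return {module: version spec or None} for every `requires` line."""
    deps: Dict[str, Optional[str]] = {}
    for line in text.splitlines():
        m = REQUIRES_RE.match(line)
        if not m:
            continue
        module, spec = m.group(1), m.group(2)
        # In a cpanfile a bare version means "at least this version".
        if spec and not spec.lstrip().startswith(("<", ">", "=")):
            spec = ">= " + spec.strip()
        deps[module] = spec
    return deps


def vkey(v: str) -> Tuple[int, ...]:
    """Dotted-version sort key (simplification of Perl version semantics)."""
    return tuple(int(p) for p in v.split("."))


def in_range(version: str, spec: str) -> bool:
    """True if `version` satisfies every comma-separated clause in `spec`."""
    ops = {
        "<": lambda a, b: a < b, "<=": lambda a, b: a <= b,
        ">": lambda a, b: a > b, ">=": lambda a, b: a >= b,
        "==": lambda a, b: a == b,
    }
    for clause in spec.split(","):
        op, val = re.match(r"\s*(<=|>=|==|<|>)?\s*([\d.]+)", clause).groups()
        if not ops[op or "=="](vkey(version), vkey(val)):
            return False
    return True


def audit(deps: Dict[str, Optional[str]], installed: Dict[str, str],
          advisories: List[dict]) -> List[Tuple[str, Optional[str], str]]:
    """Return (module, installed version, reason) for every finding."""
    findings: List[Tuple[str, Optional[str], str]] = []
    for module, spec in deps.items():
        version = installed.get(module)
        if version is None:
            findings.append((module, None, "not installed"))
            continue
        if spec and not in_range(version, spec):
            findings.append((module, version, "cpanfile requires " + spec))
        for adv in advisories:
            if adv["dist"] == module and in_range(version, adv["affected"]):
                findings.append((module, version, adv["id"]))
    return findings


if __name__ == "__main__":
    for module, version, reason in audit(parse_cpanfile(CPANFILE), INSTALLED, ADVISORIES):
        print(f"{module} {version}: {reason}")
```

In CI the same logic would run against the real `cpanfile` and the versions actually installed in the build, failing the job when `audit` returns anything; the placeholder advisory list is where a maintained database (and the Perl support evaluation mentioned above) would plug in.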