LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
This is tested and it works, but we still need to write the final part of the UI. (Showing the link to the PR that was created.)
For now, this does work and it just needs some additional polish to be shipped.
We will need to increase the permissions that we ask for with the GitHub app, unfortunately, because we don't currently have write
permissions to repositories associated with the GitHub App.
Maybe there is a way that we can progressively do that to let people opt-in? That's a discussion for later.
1030
This is tested and it works, but we still need to write the final part of the UI. (Showing the link to the PR that was created.)
For now, this does work and it just needs some additional polish to be shipped.
We will need to increase the permissions that we ask for with the GitHub app, unfortunately, because we don't currently have write permissions to repositories associated with the GitHub App.
Maybe there is a way that we can progressively do that to let people opt-in? That's a discussion for later.