Hello,
The Security SIG is looking to ensure that security tooling is setup consistently across the organization. As a result, we're asking maintainers to ensure the following tools are enabled in each repository:
This repository doesn't use dependabot as dependencies are managed directly via the release process.
Static code analysis tool -> the repository uses shellcheck.
Hello, The Security SIG is looking to ensure that security tooling is setup consistently across the organization. As a result, we're asking maintainers to ensure the following tools are enabled in each repository:
Parent issue: https://github.com/open-telemetry/sig-security/issues/12