It's said that one cannot build a great building on a week foundation, well the same applies for writing software, it's turtles all the way down to the zeros and ones & turtles down even below that.
Evaluate tools which can share details
about code & dependency vulnerabilities(Synk does it nicely per my knowledge)
good-to-upgrade dependencies(DependaBot does it nicely per my knowledge, i believe this is already included via GitHub w/o configuration these days)
put your findings in the comments and raise a PR for it
PS: I'll create a relevant secret token with a specific environment key after a PR is raised and add that app to this repository, do reach out to us @ https://slack.k8s.io #openebs-dev & #openebs for further queries
It's said that one cannot build a great building on a week foundation, well the same applies for writing software, it's turtles all the way down to the zeros and ones & turtles down even below that.
Evaluate tools which can share details
put your findings in the comments and raise a PR for it
PS: I'll create a relevant secret token with a specific environment key after a PR is raised and add that app to this repository, do reach out to us @ https://slack.k8s.io #openebs-dev & #openebs for further queries