sbt / sbt-sbom

sbt bom.xml exporter
MIT License

support Sonatype Lift #45

Open siculo opened 2 years ago

siculo commented 2 years ago

As part of our efforts to improve the security and quality posture of the open source supply chain, we plan to enable additional scanning of dependencies for security alerts soon. Since you're already hosting your source code in GitHub, you can get these insights today by enabling Sonatype Lift. Sonatype Lift is free forever on public repositories! Lift tells you about open source vulnerabilities during code review, and goes beyond open source to scan your code for both code quality and security issues, providing feedback right in your pull requests. More information can be found at https://links.sonatype.com/products/lift/github-integration