scottohara
commented
4 years ago Gemnasium & Dependency CI badges now removed.
Leaving this issue open for the other part (out of date dependencies & security vulnerabilities)
Open scottohara opened 4 years ago
scottohara
commented
4 years ago Gemnasium & Dependency CI badges now removed.
Leaving this issue open for the other part (out of date dependencies & security vulnerabilities)
scottohara
commented
3 years ago Open issue for adding support for GitHub Dependabot badges: https://github.com/dependabot/dependabot-core/issues/1912
Now that a) Gemnasium has been killed (acquired by GitLab) b) Dependency CI has been killed (by Tidelift) c) GitHub acquired Dependabot (security alerts)
...we ideally want to remove the Gemnasium/Dependency CI badges from the README; and replace with one or more badges from Github's own dependency checking/scanning services.
Ideally, we would want this badge (or badges) to show: a) out of date dependencies (in both Gemfile and package.json) b) security vulnerabilities
It doesn't seem (at this stage) that Github provides badges for these.