snyk / snyk-php-plugin

Basic Snyk CLI plugin for PHP support
Apache License 2.0

Doc: vulns database vs private packagist monitoring #60

Open pierreboissinot opened 3 years ago

pierreboissinot commented 3 years ago

I started using Snyk on a project using npm and composer.

There is no documentation explaining which resources are fetched to search for vulns in composer.lock.

For example, Private Packagist offers security monitoring, and for the same composer.lock, Snyk doesn't find any vuln but Packagist does.

Is it possible to have a post like the one for NPM dependencies? https://support.snyk.io/hc/en-us/articles/360010452717-Snyk-Vs-NPM-Audit

I work at a company which develops web apps on top of the Symfony framework (PHP), and we want to be sure that Snyk reports are at least as reliable as Private Packagist.

Thanks.
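One way to reconcile two scanners' results against the same composer.lock, as an added example that is not part of this issue or of the plugin: it lists every locked package (prod and dev) and shows which flagged packages only one scanner reported. The lock contents and the findings are constructed for illustration.

```python
import json

# Constructed composer.lock excerpt (not from the issue); real lock files
# carry many more fields per package, but only name and version matter here.
COMPOSER_LOCK = """{
  "packages": [
    {"name": "symfony/http-kernel", "version": "v4.4.0"},
    {"name": "twig/twig", "version": "v2.12.0"}
  ],
  "packages-dev": [
    {"name": "phpunit/phpunit", "version": "9.5.0"}
  ]
}"""


def locked_packages(lock_json: str) -> dict:
    """Return {name: version} for every locked package, prod and dev.

    Composer tags often carry a leading 'v' ("v4.4.0"); it is stripped so the
    result can be compared with advisory ranges written without it.
    """
    data = json.loads(lock_json)
    packages = {}
    for section in ("packages", "packages-dev"):
        for pkg in data.get(section, []):
            packages[pkg["name"]] = pkg["version"].lstrip("v")
    return packages


def compare_findings(scanner_a: set, scanner_b: set, lock: dict) -> dict:
    """Compare the package names two scanners flagged for the same lock file.

    'only_a'/'only_b' are the coverage gaps worth investigating; 'unknown'
    lists flagged names that are not in the lock at all (stale report or
    wrong project), which should be empty.
    """
    known = set(lock)
    return {
        "only_a": sorted((scanner_a - scanner_b) & known),
        "only_b": sorted((scanner_b - scanner_a) & known),
        "both": sorted(scanner_a & scanner_b & known),
        "unknown": sorted((scanner_a | scanner_b) - known),
    }


if __name__ == "__main__":
    lock = locked_packages(COMPOSER_LOCK)
    # Constructed findings: scanner B flags one package that scanner A misses.
    report = compare_findings({"twig/twig"}, {"twig/twig", "symfony/http-kernel"}, lock)
    print(json.dumps(report, indent=2))
```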

lili2311 commented 3 years ago

Hi @pierreboissinot I've passed your request along to the relevant team, will let you know once I have an update.

lili2311 commented 3 years ago

@pierreboissinot I have raised this as a feature request with the team. We will be in touch if there is any news to share on this.