Hi AC members, and happy Wednesday.
Do you have any recommendations or experience implementing Open Source package monitoring / securityÂauditing tools? We'd like to have a few different recommendations for Open Projects, and decided that some kind of thorough comparison between them would make good content for our blog and documentation, too. I've talked with the folks at
Snyk - which, fun fact, stands for "So Now You Know" - as they certainly seem to have quite a bit of adoption. Are there any others you would encourage us to look into/include?
I'll be away next week for W3C TPAC, but thinking of you all at OpenCore summit (which I'm really bummed to be missing). Be well, and see you at our next meeting on 23 September!
- Jory
ÂÂ