Hi AC members, and happy Wednesday.
Do you have any recommendations or experience implementing Open Source package monitoring / security auditing tools? We'd like to have a few different recommendations for Open Projects, and decided that some kind of thorough comparison between them would
make good content for our blog and documentation, too. I've talked with the folks at
Snyk - which, fun fact, stands for "So Now You Know" - as they certainly seem to have quite a bit of adoption. Are there any others you would encourage us to look into/include?
I'll be away next week for W3C TPAC, but thinking of you all at OpenCore summit (which I'm really bummed to be missing). Be well, and see you at our next meeting on 23 September!
- Jory