Re: security & CNCF projects


Matt Jarvis
 

I think what Chris means is that if you are already scanning with Snyk, then you won't see anything different in the LFX feed. 


On Tue, 16 Feb 2021 at 14:42, alexis richardson <alexis@...> wrote:
Thanks Chris

It would be great if this data was readily accessible.   I don't think packing into GH actions provides that, however useful it may be for other purposes


On Tue, 16 Feb 2021, 14:13 Chris Aniszczyk, <caniszczyk@...> wrote:
I'll follow up Alexis on the ticket but it's just white labeled https://snyk.io 

If you are already using, say Snyk via github action (https://github.com/snyk/actions/tree/master/golang) you won't see anything new (which is available for open source projects).

On Tue, Feb 16, 2021 at 3:54 AM alexis richardson <alexis@...> wrote:
Hi all

Has anyone looked at this? 

How do we see project data?  I wanted to take a look at flux.  I had to create a login.  Then, I had to "request" a view, which turned out to mean filing a JIRA ticket.  Since then, tumbleweed.

Can we have something more open & useful please?

a




--
Chris Aniszczyk (@cra)

Join cncf-toc@lists.cncf.io to automatically receive all group messages.