Re: security & CNCF projects


Vasu Naidu <vnaidu@...>
 

Hi Alexis,

 

You should have access to the security reports of the flux project. Please let me know if you have any questions.

 

https://security.lfx.linuxfoundation.org/#/a0941000002wBz4AAE/foundation-details

 

Regards,

Vasu



 

From: St Leger, Jim <jim.st.leger@...>
Date: Tuesday, February 16, 2021 at 7:06 AM
To: Chris Aniszczyk <caniszczyk@...>, alexis richardson <alexis@...>, Pranab Bajpai (pbajpai@...) <pbajpai@...>, Vasu Naidu (vnaidu@...) <vnaidu@...>
Cc: Alexis Richardson via cncf-toc <cncf-toc@...>
Subject: RE: [cncf-toc] security & CNCF projects

+ Pranab and Vasu (product/eng leads on LFX I believe.)

 

Jim

 

From: cncf-toc@... <cncf-toc@...> On Behalf Of Chris Aniszczyk
Sent: Tuesday, February 16, 2021 7:13 AM
To: alexis richardson <alexis@...>
Cc: Alexis Richardson via cncf-toc <cncf-toc@...>
Subject: Re: [cncf-toc] security & CNCF projects

 

I'll follow up Alexis on the ticket but it's just white labeled https://snyk.io 

 

If you are already using, say Snyk via github action (https://github.com/snyk/actions/tree/master/golang) you won't see anything new (which is available for open source projects).

 

On Tue, Feb 16, 2021 at 3:54 AM alexis richardson <alexis@...> wrote:

Hi all

 

Has anyone looked at this? 

 

How do we see project data?  I wanted to take a look at flux.  I had to create a login.  Then, I had to "request" a view, which turned out to mean filing a JIRA ticket.  Since then, tumbleweed.

 

Can we have something more open & useful please?

 

a

 

 


 

--

Chris Aniszczyk (@cra)

Join cncf-toc@lists.cncf.io to automatically receive all group messages.