[BUILD-959] PoC: replace CVE scans with Snyk? Created: 22/Nov/22  Updated: 22/Nov/22

Status: Open
Project: Build
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Neutral
Reporter: Maxime Michel Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoR:
Empty

 Description   

For quite a few weeks there's been an integration with Snyk happening. Snyk is a powerful to manage vulnerabilities. We mostly use it for Docker images & K8s clusters for now, but it can also be linked to repositories. We should try giving that a shot as a replacement to our custom CVE scanning.


Generated at Sun Feb 11 23:46:49 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.