Hey,

Snyk is a dependency vulnerability scanner used mostly for containers, but also for other dependency systems. However, GitHub nowadays also does a pretty good job of tracking dependent security vulnerabilities, so I'd consider removing it.

Janos

On Mon, Jan 24, 2022 at 9:13 AM Sandro Bonazzola <sbonazzo@redhat.com> wrote:
Hi,
I noticed today that all the repos in oVirt organization have a webhook to https://snyk.io/webhook/github/ which seems to be some security scanner.

I couldn't find any reference about why we have such hook, can anybody explain why it's there?

thanks

--

Sandro Bonazzola

MANAGER, SOFTWARE ENGINEERING, EMEA R&D RHV

Red Hat EMEA

sbonazzo@redhat.com   

Red Hat respects your work life balance. Therefore there is no need to answer this email out of your office hours.


_______________________________________________
Devel mailing list -- devel@ovirt.org
To unsubscribe send an email to devel-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/devel@ovirt.org/message/TJEERAEZ5UVLK6DISVY3LT2BDQDZVWOQ/