Automatic reporting of security issues in dependent libraries
We should look into ways of getting notified of security vulnerabilities in the libraries we use and ship. It can be a tool or set of tools that would allow us to automate some of the maintenance tasks.
A few good-to-haves:
- Read from a library whitelist
- Notify via chat or allow automatic issue creation
- Outputting links to the lib in question if the patch is released
- API
@gitlab-build-team @joshlambert @briann Does anyone have experience with tools for this purpose?