Is your feature request related to a problem? Please describe.
The playbook lacks guidance on how to evaluate an open source dependency that is being taken.
Describe the solution you'd like
What tools can developers use to evaluate OSS? What are potential decision drivers? What are some common things to look for?
Additional context
Based on a recent engagement where the crew was unsure whether to take a dependency on an OSS package given the rise in OSS supply chain attacks.