Update SECURITY.md to include PNPM in vulnerability scanning and add SAST tools for Go and JavaScript code.
This commit is contained in:
@@ -4,7 +4,12 @@ If you have discovered a security vulnerability, please refer to [our website](h
|
||||
|
||||
## Vulnerability Management
|
||||
|
||||
- We use [OSV](https://osv.dev/) to scan for package vulnerabilities in our dependencies.
|
||||
- We use PNPM and [OSV](https://osv.dev/) to scan for package vulnerabilities in our dependencies.
|
||||
|
||||
## SAST
|
||||
|
||||
- Gosec for Go code.
|
||||
- ESLint with eslint-plugin-security for JavaScript code.
|
||||
|
||||
## Dependency and Supply Chain
|
||||
|
||||
|
||||
Reference in New Issue
Block a user