We have multiple code scans, applied inconsistently across repositories.
We also have features which can/could be run in the build.
Tools vary in their capabilities, including the languages they support.
In addition, CodeQL & OpenSSF explicitly add observations into the 'security'/issues section on GitHub.

Name | SonarCloud | NexusIQ | CodeQL | Sonatype Lift | Dependabot | LFXSecurity
--- | --- | --- | --- | --- | --- | ---
egeria-connector-sas-viya | N | N | Y | Y | Y | Y
egeria-connector-hivemetastore | N | N | Y | Y | Y | Y
egeria-database-connectors | N | N | Y | Y | Y | Y
egeria | Y | Y | Y | Y | Y | Y
egeria-docs | N | N | N | N | N | Y
egeria-connector-integration-topic-strimzi | N | N | Y | Y | Y | Y
egeria-samples-api | N | N | Y | Y | Y | Y
egeria-dev-projects | N | N | Y | Y | Y | Y
egeria-connector-hadoop-ecosystem | N | N | Y | Y | Y | Y
egeria-connector-repository-file-sample | N | N | Y | Y | Y | Y
egeria-connector-xtdb | N | N | Y | Y | Y | Y
egeria-connector-ibm-information-server | ? | ? | Y | Y | Y | Y
egeria-charts | N | N | N | Y | N | Y
egeria-jupyter-notebooks | N | N | N | Y | N | Y
egeria-ui | N | N | Y | Y | Y | Y
egeria-ui-components | N | N | Y | Y | Y | Y
egeria-react-ui | N | N | Y | Y | Y | Y
egeria-ui-core | N | N | Y | Y | Y | Y
egeria-js-commons | N | N | N | Y | N | Y
happi-graph | N | N | N | Y | N | Y
egeria-samples | N | N | N | Y | N | Y
egeria-connector-integration-event-schema | N | N | Y | Y | N | Y
egeria-api-mocks | N | N | N | Y | N | Y
egeria-template-newrepo | N | N | Y | Y | Y | Y
egeria-palisade | N | N | N | N | N | Y
egeria-k8s-operator | N | N | N | Y | Y | Y
data-governance | N | N | N | N | N | Y

Note: this summary should be added to odpi/egeria-docs#442
* egeria-docs#169