Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [xpanse-dev] Sonatype lift at Xpanse

Hi Mikael,


No, we did not request any such scans from Sonatype.


Yes, it would be great if you can deploy the app so that we can get the scanning notifications.





From: xpanse-dev <xpanse-dev-bounces@xxxxxxxxxxx> On Behalf Of Mikael Barbero
Sent: Monday, June 12, 2023 3:28 PM
To: xpanse-dev@xxxxxxxxxxx
Cc: Frederic Gurr <frederic.gurr@xxxxxxxxxxxxxxxxxxxxxx>
Subject: [xpanse-dev] Sonatype lift at Xpanse




For a couple of days, the xpanse bot user at github is receiving notifications with scan results from Sonatype Lift. The scans seem to be triggered by each snapshot sent to OSSRH. Is it something that you specifically requested from Sonatype?


FYI, we can deploy the Lift GitHub app on your GitHub organization so that you get the notifications from the scanning processes.




MikaĆ«l Barbero 

Head of Security | Eclipse Foundation

Eclipse Foundation: The Platform for Open Innovation and Collaboration


Back to the top