pnpm
Replies: 1 comment
-
|
You might be hitting dependabot/dependabot-core#13177 , which I mentioned at https://github.com/orgs/pnpm/discussions/3787#discussioncomment-15488747 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
We recently transitioned from npm tp pnpm for performance reasons. Before the transition we were using Github's dependabot and Snyk for identifying security vulnerabilities within our open source libraries.
After the transition, both the products fail to report any security vulnerabilities since they don't support pnpm. I was wondering if the community has any solutions or recommendations for an automated approach of identifying and patching security vulnerabilities?
Beta Was this translation helpful? Give feedback.
All reactions