Hi James,
Disclosure: I am a Staff Scientist at ShiftLeft Inc.
I was also a Fedora packager and design contributor till a few years back, so it is super exciting to see ShiftLeft's name in the short-list! I would recommend you try to use the open source tool called ShiftLeft Scan (https://slscan.io) on a few projects and see how it works for you. It is fast, open source, completely on-prem, can even be integrated within VSCode as an extension or be installed as Docker/AppImage. We also provide free public usage of a limited version of our ShiftLeft NG-SAST (a SaaS-based scan service), which is much more targeted and advanced. Let me know if you need help/feedback on how to integrate them in your workflow.
--
Suchakra
_______________________________________________
infrastructure mailing list -- infrastructure@lists.fedoraproject.org