Skip to content

Commit

Permalink
Merge pull request #893 from alphagov/rfc-167
Browse files Browse the repository at this point in the history 
Update dependencies
  • Loading branch information
@MuriloDalRi
MuriloDalRi committed May 2, 2024
2 parents 62e0768 + 9818380 commit 905e2c5
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions source/standards/tracking-dependencies.html.md.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,8 @@ There are tools which scan GitHub repositories and raise pull requests (PRs) whe

> Note: we have not enabled "Treat PR approval as a request to merge", as this would lead to a surprising behaviour at the point of approval.

> Note: GOV.UK has implemented [RFC-167][] which allows automatic patching of all dependencies in certain cases.

* [PyUp][] - a Python dependency checker. Used by GOV.UK Notify, PyUp will monitor for updates and vulnerabilities

All the above tools are free to use on public repositories.
Expand Down Expand Up @@ -100,3 +102,4 @@ Also consider managed solutions where possible. For example:
[Snyk container vulnerability management tooling]: https://snyk.io/product/container-vulnerability-management/
[GOV.UK PaaS buildpacks]: https://docs.cloud.service.gov.uk/deploying_apps.html#buildpacks
[AWS Fargate]: https://aws.amazon.com/fargate/
[RFC-167]: https://github.com/alphagov/govuk-rfcs/blob/main/rfc-167-auto-patch-dependencies.md

0 comments on commit 905e2c5

Please sign in to comment.