Dependency submission API for OPKG package manager used for embedded Yocto builds #39138
Replies: 1 comment
-
🕒 Discussion Activity Reminder 🕒 This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions: 1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as 2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own. 3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution. Note: This dormant notification will only apply to Discussions with the Thank you for helping bring this Discussion to a resolution! 💬 |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
Hello,
we are working on developing vulnerable dependency analysis on Yocto Linux embedded builds. i see that dependabot will not work on embedded package managers used in Yocto and OpenWRT as it is recipe based and make file based build system. is there a way we can use dependency submission API to submit our dependencies to Github and then Dependabot can alert if there is any vulnerabilities in direct nd transitive dependencies we are using
Regards
Sameesh
Beta Was this translation helpful? Give feedback.
All reactions