-
Notifications
You must be signed in to change notification settings - Fork 2
New data source: Mend #54
Copy link
Copy link
Open
Labels
Data SourcesIssues related to collection of security alertsIssues related to collection of security alertsenhancementNew feature or requestNew feature or requesthacktoberfesthelp wantedExtra attention is neededExtra attention is needed
Description
Metadata
Metadata
Assignees
Labels
Data SourcesIssues related to collection of security alertsIssues related to collection of security alertsenhancementNew feature or requestNew feature or requesthacktoberfesthelp wantedExtra attention is neededExtra attention is needed
Type
Fields
Give feedbackNo fields configured for issues without a type.
Projects
StatusShow more project fields
Todo
🚀 Feature Request
Is your feature request related to a problem? Please describe.
Dependabot may be built in to GitHub and be a great default source of data, but there are a number of competitors, including Mend Renovate, which is very widely used. We should be able to pull in data from there as well.
Describe the solution you'd like
I haven't looked too much into the API but I did find this as a potential starting point: https://docs.mend.io/en-US/bundle/api_sca/page/http_api_v1_3_and_v1_4.html
It would be great to be able to pull in findings from there and present them directly alongside Dependabot findings, in the exact same format. If we can normalize those two... that's amazing. See #47 for that effort.