🔖 Summary
Red Hat Dependency Analytics (RHDA) is an open-source tool that helps developers build secure applications by identifying vulnerabilities. It analyzes the open-source components used in an application and checks them against vulnerability databases. This allows developers to proactively address security risks early in the development process.
Introducing a Backstage plugin will enable Backstage users to analyze software components for potential vulnerabilities and apply recommended remediations.
🌐 Project website (if applicable)
https://developers.redhat.com/products/trusted-profile-analyzer/overview
https://github.com/RHEcosystemAppEng/exhort
https://marketplace.visualstudio.com/items?itemName=redhat.fabric8-analytics
(PoC) - https://github.com/RHEcosystemAppEng/backstage-plugin-rhda
✌️ Context
To improve security across our software supply chain, this project proposes integrating the Red Hat Dependency Analytics (RHDA) plugin with Backstage. RHDA offers language-agnostic analysis for Java, JavaScript, Go, and Python projects. The RHDA Backstage plugin, with its three-layer architecture (frontend, backend, and RHDA executor container with pre-built language-specific executors), simplifies configuration through the Backstage plugin catalog XML. This integration streamlines the security analysis workflow within Backstage, enabling early vulnerability detection across diverse programming languages.
👀 Have you spent some time to check if this plugin request has been raised before?
🏢 Have you read the Code of Conduct?
Are you willing to submit PR?
Yes I am willing to submit a PR!