Hi there,
its said that Versioneye, which I’ve added to visualize outdated/vulnerable dependencies on openmrs-core (see dependencies badge on github readme), is shutting down:
I’ve looked at http://snyk.io/ and http://gemnasium.com/ which were recommended by VersionEye’s creator.
Snyk simply worked within minutes and VersionEye already relied on its vulnerability DB.
Its free for open source (so we can also add other openmrs projects ), integrates well with github (can fail PRs adding new dependencies with known vulnerabilities) and could also create automatic PRs to update dependencies (if we wanted).
I therefore suggest to replace it with Snyk
@dkayiwa I have added you to the openmrs
organisation on snyk (you should have gotten an email) I don’t have enough privilege on github to add openmrs-core
and for example webservices
. Can you please add them at https://snyk.io/org/openmrs/projects?