UDAP Tools


Brett Stringham

Mar 20, 2023, 2:29:20 PM
to UDAP
FYI - For those in the UDAP community building UDAP tools/libraries, consider (if not already) doing code scans using GitHub Advanced Security:

https://docs.github.com/en/get-started/learning-about-github/githubs-products#github-free-for-personal-accounts

I'm using the above for scanning on the UDAP Client - Spring Boot code before submitting a PR to the udap.org repo.


Joseph Shook

Mar 20, 2023, 5:42:17 PM
to UDAP
I have lit up the following in my fork as well:
  • Security advisories
  • Private vulnerability reporting
  • Dependabot alerts
  • Code scanning alerts
  • Secret scanning alerts
I am glad you mentioned this, because as I looked around I noticed my Dependabot alerts are turned off because I hadn't been addressing them. At least GitHub thought I wasn't. I would get many updates due to minor version updates in groups of 10 (my limit). Then I would just pull all of them in locally and commit. The PRs would go away automatically. I consider that an interaction but GitHub did not. So something to keep an eye on.
