Patrick,
All of the above are good
indeed - am still digesting...
You could also use the following to check for known vulnerabilities
https://www.openhub.net/explore/projects
Thank you for this - I had forgotten about BlackDuck (have apparently
fallen off their mailing list).
Will ha
Thank you James, this starts to summarise specific concerns:
The other thing I try and push is to ensure that alternatives are considered where
appropriate - which is a bit more contextual, but it's very easy to jump to "I want
to use this" long before checking if there are better alternatives
We do similar with a checklist for the practicalities (though I for one
still have no good solution for guaranteeing the security of code beyond
reviewing it line-by-line...) - we've gone slightly more general so as to
apply to "technologies" as well as just libraries, but our process is
roughly:
On 28/07/2017 05:54, Steve - Gadget Barnes wrote:
On 28/07/2017 00:27, p...@getaroundtoit.co.uk wrote:
S, (Andy and Mike)
Yes, you've hit a couple of pertinent points; and it might make for an
interesting project.
However, I was looking for a check-list or similar which I can give to
the per