> Dependabot / renovate only checking for version updates of your programm deps. Package Hunter analyze a program's deps for unexpected behavior (mal code) by installing the dependencies in a sandbox env and monitors system calls executed during the installation.
1 comment
[ 1.8 ms ] story [ 9.8 ms ] thread> Isn‘t dependabot doing the same, basically?
with a response in the thread at https://twitter.com/solidnerd/status/1420307219745230850
> Dependabot / renovate only checking for version updates of your programm deps. Package Hunter analyze a program's deps for unexpected behavior (mal code) by installing the dependencies in a sandbox env and monitors system calls executed during the installation.
Package Hunter requires Falco, Docker and NodeJS to run, following the instructions at https://gitlab.com/gitlab-org/security-products/package-hunt... - give it a try :)