Hello everyone,
I’m excited to share that we’ve recently introduced a new feature in Packit: Static Application Security Testing (SAST) for upstream repositories using OpenScanHub. This feature is still in its early stages and we are eager to gather feedback from our users to help refine and improve it.
The current state consists of a differential scan showing reports only relevant to the pull request being submitted. If you are interested, we would greatly appreciate it if you could take some time to try it out and share your thoughts with us. The setup is easy.
For more details on how it works and to get started, please check out this blog post. We encourage you to provide any feedback, ideas, or suggestions in the GitHub discussion.
Thank you!