Sonatype

Developers Gain Contextual Feedback with Automated Pull Request Commenting

Katie McCaskey. Originally published at blog.sonatype.com.

At Sonatype, we work continuously to increase awareness of open source risk and to decrease the time it takes you to make your applications safe. It is our never-ending quest to shift security left. We’ve rolled out even more granular and automated policy feedback with pull request comments directly in GitHub.

Developers need to know where potential policy violations or security vulnerabilities are introduced so that they can address and fix the issues efficiently and effectively. This reduces time to remediation and minimizes manual work. Our new PR commenting feature for GitHub notifies a developer when the code they commit introduces risk or breaks a build, and why.

Read more on the Sonatype blog

Katie McCaskey

@katiemccaskey

Writing about DevSecOps - please say hi!

Sonatype

We believe developers should spend time innovating—not jumping through security hoops. That’s why we designed Nexus to work the way you do. Intelligent open source security integrated with preferred dev tools to easily find and fix vulnerabilities.
