Snyk Open Source support for GitHub Security Code Scanning is now available! This enables you to automatically scan your open source dependencies for security vulnerabilities and license issues, and view results directly from within GitHub’s Security tab!
Back in October last year, we introduced the capability to scan GitHub-hosted container images, Kubernetes configuration files, and Terraform code and subsequently view results within GitHub, under the Security tab. This capability - now supporting Snyk Container, Snyk IaC AND Snyk Open Source - uses Snyk’s GitHub actions to integrate Snyk natively with GitHub Security Code Scanning.
More information is available in this blog article.