details/verification_workflow.md
Lines changed: 1 addition & 1 deletion
@@ -14,7 +14,7 @@ In the evolving landscape of application development, reliance on third-party an
14
14
15
15
To create a secure and trusted source of Java libraries for your application, we have instituted a rigorous vetting process. This multi-tiered approach combines static code analyzers with human and AI-based code reviews. Upon successful security validation, libraries are incorporated into our secure repository. Each library is then packaged with a Software Bill of Materials (SBOM) and signed JAR files for additional assurance.
16
16
17
-
**Note**: We don't modify the original code during the library verification process. Any found vulnerabilities are remediated during the following[Library Vulnerability Remediation Workflow](details/vulnerability_remediation_workflow.md)
17
+
**Note**: We don't modify the original code during the library verification process. Any found vulnerabilities are remediated during the following[Library Vulnerability Remediation Workflow](/details/vulnerability_remediation_workflow.md)
18
18
19
19
20
20
The accompanying graph outlines the steps involved in our vetting process, providing a visual guide to how we ensure the safety and reliability of each library in our Trusted Artifactory.
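Review bot: the changed Note line still has no space between "following" and the link ("the following[Library Vulnerability Remediation Workflow]"), so the rendered sentence runs the two words together; add the space while this line is being touched. The new target `/details/vulnerability_remediation_workflow.md` is root-relative, which resolves only where the renderer treats `/` as the repository root. Because the edited file is itself details/verification_workflow.md, a file-relative `vulnerability_remediation_workflow.md` would fix the same broken path and also keep working in a local preview or a generated docs site.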