Chapter 3. Contributor docs The Weblate Manual, Release 4.5.3 3.12.1 Tracking dependencies for vulnerabilities Security issues in our dependencies are monitored using Dependabot. This covers the Python and libraries, and the latest stable release has its dependencies updated to avoid vulnerabilities. Hint: There might be vulnerabilities in third-party libraries which do not affect Weblate, so those are not addressed security The Docker containers are scanned using Anchore and Trivy. This allows us to detect vulnerabilities early and release improvements quickly. You can get the results of these scans at GitHub — they

Chapter 3. Contributor docs The Weblate Manual, Release 4.5.2 3.12.1 Tracking dependencies for vulnerabilities Security issues in our dependencies are monitored using Dependabot. This covers the Python and libraries, and the latest stable release has its dependencies updated to avoid vulnerabilities. Hint: There might be vulnerabilities in third-party libraries which do not affect Weblate, so those are not addressed security The Docker containers are scanned using Anchore and Trivy. This allows us to detect vulnerabilities early and release improvements quickly. You can get the results of these scans at GitHub — they

Security and privacy 379 The Weblate Manual, Release 4.6.2 3.12.1 Tracking dependencies for vulnerabilities Security issues in our dependencies are monitored using Dependabot. This covers the Python and libraries, and the latest stable release has its dependencies updated to avoid vulnerabilities. Hint: There might be vulnerabilities in third-party libraries which do not affect Weblate, so those are not addressed security The Docker containers are scanned using Anchore and Trivy. This allows us to detect vulnerabilities early and release improvements quickly. You can get the results of these scans at GitHub — they

of the Linux Foundation’s Core Infrastructure Initiative. 3.12.1 Tracking dependencies for vulnerabilities We do monitor security issues in our dependencies using Dependabot. This covers Python and JavaScript libraries and latest stable release should have adjusted dependencies to avoid vulnerabilities. Hint: There might be vulnerabilities in third-party libraries which do not affect Weblate, and we do not address security The Docker containers are scanned using Anchore and Trivy. This allows us to detect vulnerabilities early and release an updated version of the container containing fixes. You can get the results

of the Linux Foundation’s Core Infrastructure Initiative. 3.12.1 Tracking dependencies for vulnerabilities We do monitor security issues in our dependencies using Dependabot. This covers Python and JavaScript libraries and latest stable release should have adjusted dependencies to avoid vulnerabilities. Hint: There might be vulnerabilities in third-party libraries which do not affect Weblate, and we do not address security The Docker containers are scanned using Anchore and Trivy. This allows us to detect vulnerabilities early and release an updated version of the container containing fixes. You can get the results

Initiative [https://bestpractices.coreinfrastructure.org/projects/552]. Tracking dependencies for vulnerabilities Security issues in our dependencies are monitored using Dependabot [https://dependabot.com/] libraries, and the latest stable release has its dependencies updated to avoid vulnerabilities. Hint There might be vulnerabilities in third-party libraries which do not affect Weblate, so those are not addressed [https://anchore.com/] and Trivy [https://github.com/aquasecurity/trivy]. This allows us to detect vulnerabilities early and release improvements quickly. You can get the results of these scans at GitHub — they

Initiative [https://bestpractices.coreinfrastructure.org/projects/552]. Tracking dependencies for vulnerabilities Security issues in our dependencies are monitored using Dependabot [https://dependabot.com/] libraries, and the latest stable release has its dependencies updated to avoid vulnerabilities. Hint There might be vulnerabilities in third-party libraries which do not affect Weblate, so those are not addressed [https://anchore.com/] and Trivy [https://github.com/aquasecurity/trivy]. This allows us to detect vulnerabilities early and release improvements quickly. You can get the results of these scans at GitHub — they

Initiative [https://bestpractices.coreinfrastructure.org/projects/552]. Tracking dependencies for vulnerabilities We do monitor security issues in our dependencies using Dependabot [https://dependabot.com/] libraries and latest stable release should have adjusted dependencies to avoid vulnerabilities. Hint There might be vulnerabilities in third-party libraries which do not affect Weblate, and we do not address [https://anchore.com/] and Trivy [https://github.com/aquasecurity/trivy]. This allows us to detect vulnerabilities early and release an updated version of the container containing fixes. You can get the results

Security and privacy 389 The Weblate Manual, Release 4.7 3.12.1 Tracking dependencies for vulnerabilities Security issues in our dependencies are monitored using Dependabot. This covers the Python and libraries, and the latest stable release has its dependencies updated to avoid vulnerabilities. Hint: There might be vulnerabilities in third-party libraries which do not affect Weblate, so those are not addressed security The Docker containers are scanned using Anchore and Trivy. This allows us to detect vulnerabilities early and release improvements quickly. You can get the results of these scans at GitHub — they

Initiative [https://bestpractices.coreinfrastructure.org/projects/552]. Tracking dependencies for vulnerabilities We do monitor security issues in our dependencies using Dependabot [https://dependabot.com/] libraries and latest stable release should have adjusted dependencies to avoid vulnerabilities. Hint There might be vulnerabilities in third-party libraries which do not affect Weblate, and we do not address [https://anchore.com/] and Trivy [https://github.com/aquasecurity/trivy]. This allows us to detect vulnerabilities early and release an updated version of the container containing fixes. You can get the results