by avitzurel 3174 days ago
I vaguely remember another service like that from the days I was still doing Rails.

The pain is definitely real. We had a 6-year-old Rails app that got upgraded from Rails 2.3 and keeping track of dependency decay was painful.

Looking at your landing page, I could not understand how you are solving the problem exactly. The screenshots don't expand so I don't really get the solution.

One very nice feature that you can add and will help a lot is to support comment parsing in the Gemfile and Gemfile.lock. Something like email: my@my.com. When you parse the file, send me the report and don't make me actively visit the page.

Also offer a sample report on your page by submitting a public repo perhaps.

Good luck!

1 comments

Thank you for your feedback avitzurel!

I'll provide a sample report on the landing page, add a way to expand the screenshots and provide more information on the sign-up process. Octotrack does not access the repositories directly; that was one of the main objectives. Only your email and GitHub public information. Once you create a project, you'll have the option to upload a Gemfile.lock or add a git post-commit hook to your project. From then on, you'll have access to the security vulnerabilities that exist and what dependencies need to be updated as well as other information (such as release notes, etc.).

Once again, thank you for the feedback and hope it solves a real pain.