jupyter / security

Scanning Jupyter subprojects for vulnerabilities

jasongrout opened this issue

Recently at PyCon US, I talked with several vendors who offer security scanning tools for codebases about doing free scans of Jupyter subprojects. Is there anyone in the security group that would like to join or take the lead in conversations around this topic?

I would be interested in at least joining to see how these tools might fit the Jupyter landscape. We could pick some high-priority repos, like JupyterHub, Jupyter Server, JupyterLab, etc., as the base use cases.

@jasongrout our next Security Subproject meeting is next week (Tuesday, June 7, 8:00 a.m. PDT). Any chance you can make that to talk about this with the group?

Follow-up: we discussed security scanning in the meeting, and are following up in email conversations with potential vendors.