CircleCI Ideas

Option to allow certified and partner orbs only

Under security settings, we would like to allow certified orbs as well as partner orbs but disallow other orb usage or publishing of orbs. The context is within partners we trust such as Snyk but we want to prevent usage of other orbs without a better way to check they are secure or a way to know where they come from. We understand we can copy/paste the orb source into projects, that is not so usable with hundreds of projects though.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Jan 23 2020
  • New