Project setup
Set up OpenVet properly for a real project — beyond the bare-minimum Quickstart.
The Quickstart gets you a passing
openvet check against a single project as fast as possible. This
tutorial is the longer companion — what to do once you’ve decided
to keep OpenVet around.
TODO: write me. Suggested arc:
- Decide which logs you trust (yours, your team’s, upstream ecosystems’).
- Write a starter policy that won’t immediately fire on every transitive dep.
- Wire
openvet checkinto CI, including caching.- Decide who on the team can author audits, and where their keys live.
- Exemption hygiene (when, how, and with what TTL).