We are planning to use react-sdk component from market place React SDK | Pega.
As a part of that we also need to use the code provided by Pegasystems on github : GitHub - pegasystems/react-sdk: The React SDK provides Pega customers with the ability to build DX components that connect Pega’s ConstellationJS Engine APIs with a design system other than the Pega Constellation design system.
As a part of security assessment internal for our client, we need to know if this git code is scanned for any vulnerabilities and malwares ?
If yes, what type of scanning is performed ?
Is there any documentation that provides an assurance that the code is scanned and made available to public on the internet ?