firetext icon indicating copy to clipboard operation
firetext copied to clipboard
verified publisher icon codexa

Listing dependencies

Open Ryuno-Ki opened this issue 9 years ago • 3 comments

I just read Eliminating Known Vulnerabilities With Snyk about Snyk and tried to test Firetext for it. It reported Firetext not being a node project (which is correct, since there is no package.json).

Do you have 3rd party dependencies managed by bower or npm or that like? If yes, where can I find a manifest listing them?

Ryuno-Ki avatar Jan 14 '16 20:01 Ryuno-Ki

Unfortunately not. @joshua-s we should use bower.

HR avatar Jan 14 '16 21:01 HR

Also we could use npm + browserify without making it a Node.JS app for dependency management and usage.

HR avatar Jan 14 '16 21:01 HR

Or npm + webpack or that like.

I've seen a bunch of Front-End projects walking that way. Personally I use NPM for dep management, too.

If you stick to bower, that's fine. I'll look into adding support for it in SNYK, then ;-)

Ryuno-Ki avatar Jan 15 '16 20:01 Ryuno-Ki