flattr-extension

Setup Snyk

Open erikvold opened this issue 7 years ago • 2 comments

Snyk is just an automated tool to check the dependencies that are used for vulnerabilities. So if someone makes a pull request for an npm package with a known vulnerability then we'll be alerted to that.

https://snyk.io/
https://github.com/marketplace/snyk
https://blog.travis-ci.com/2017-04-20-continuous-security-snyk-travis-ci/

erikvold, Feb 02 '18 14:02

I'm thinking it would be nice to add the automated tests and pull requests (mentioned here: https://snyk.io/docs/snyk-for-nodejs), and also the badge to our readme.

Does this sound alright to you @ThomasGreiner ?

erikvold, Feb 12 '18 07:02

Sounds good! Thanks. Anything we need to change for that in our code - apart from adding the badge - or is all of that configured through their UI?

ThomasGreiner, Feb 12 '18 11:02