Phill Garrett
Phill Garrett
- [X] Follows [CONTRIBUTING](https://github.com/snyk/snyk/blob/master/CONTRIBUTING.md) rules #### What does this PR do? See https://github.com/snyk/snyk-mvn-plugin/pull/136 Introduces `--maven-aggregate-project` so that we can support Maven module scanning better. Until now if modules depend on...
Hi, is it possible to run lua-resty-oidc as resource server so that it first authenticates clients presenting a session cookie (issued by another lua-resty-oidc acting as relying party) but if...
- [X] Follows [CONTRIBUTING](https://github.com/snyk/snyk/blob/master/CONTRIBUTING.md) rules #### What does this PR do? See https://github.com/snyk/snyk-mvn-plugin/pull/137 Adding warning message to indicate when projects have a dep-graph that contains packages with unknown versions (like...
- [X] Tests written and linted - [ ] Documentation written / README.md updated [https://snyk.io/docs/snyk-for-node/](i) - [ ] Follows [CONTRIBUTING agreement](CONTRIBUTING.md) - [ ] Commit history is tidy [https://git-scm.com/book/en/v2/Git-Branching-Rebasing](i) -...
Fixes vulnerability in `golang.org/x/oauth2/jws`: * https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXOAUTH2JWS-8749594 Performed `go get golang.org/x/oauth2@latest` and `go mod tidy`. OAuth2 seems to be only used to read from remote GitHub repositories. Tested by [github_test.go](source/github/github_test.go).
Snyk requires auth schema of "token" rather than the default "Bearer". See https://docs.snyk.io/snyk-api/authentication-for-api It is possible to connect using a Bearer token via Snyk Apps but for the average user...