-
Both `npm` & `mvn` ones
For Maven it is more urgent for security reasons: https://snyk.io/org/lucas-c/project/4ab0a098-545d-481d-8aa4-e2886dd200e4
-
just to keep track on creation of a snyk bot account GH integration
it will make the most sense to make a new GitHub account and name it like "snyky-bot", (so it will be a user, but acting as a bot…
-
# Summary
I think new Snyk scans/reports should be added to the CI. This is a top-level ticket to cover the several types of reports I think should be added.
# Motivation
The Snyk check that …
-
## 🐞 Bug Report
#### Describe the bug
Using the tool [Snyk](https://snyk.io/), I found that there is a license risk introduced by the package `svgo` within `broccoli-svg-optimizer`. This issue c…
-
### Current Behavior
The API used for Snyk Integration in DT v4.7.0 is versioned and fast-evolving. The `SCANNER_SNYK_API_VERSION` has updated twice even during the development of 4.7.0.
The conf…
-
**Is your feature request related to a problem? Please describe.**
`--severity-threshold` flag not doing what it's promising it should do.
On the ODS docs, it says
```
Severity threshold for fail…
-
Options:
* https://github.com/snyk-labs/github-actions-scanner
* https://github.com/synacktiv/octoscan
-
package snyk-filter executable to the release assets section, as it is being done with other tools
-
_Please keep any sensitive details in [Google Drive](https://docs.google.com/document/d/1rW0VOzfCrjXOI0O1gTAOm225_fTbu5Cjrg7yJTYYBBg/edit)._
**Date of report:** 02/15/2023
**Severity:** High
**Du…
-
## 🚀 Feature Proposal
Current version of `exceljs` references `archiver` of v5.3.2. In the references, you can find the inflight package that is affected by CVE-772 ( https://security.snyk.io/vuln/…