MaskingTechnology / jitar

Distributed runtime for JavaScript and TypeScript
https://jitar.dev
MIT License

Install snyk cli for local vulnerability testing #429

Open basmasking opened 8 months ago

basmasking commented 8 months ago

Snyk is enabled in the CI pipeline. To make it easier for ourselves to execute the scans locally, we should add the cli tool from snyk.

tony-nyagah commented 8 months ago

I can look at this.

basmasking commented 8 months ago

Hello @tony-nyagah,

You're more than welcome to pick up this issue :)

If you have any questions, don't hesitate to ask them. You can reach out to us here, or on our Discord channel.

Thank you

OriloyeEmerald commented 8 months ago

I want to look at this issue.

basmasking commented 8 months ago

Hi @OriloyeEmerald,

Thanks for your interest in picking up this issue. Just a couple of hours ago @tony-nyagah also showed interest in this ticket. Maybe you can work together on this issue?

If you have any questions, don't hesitate to ask them. You can reach out to us here, or on our Discord channel.

tony-nyagah commented 8 months ago

@BasMasking When I try to run npm install I get this error: ERR_PNPM_FETCH_404 GET https://registry.npmjs.org/eslint-plugin-jitar: Not Found - 404.

basmasking commented 8 months ago

@tony-nyagah the package eslint-plugin-jitar is not published on npm, but should be in the tools folder in the root of jitar. It's also defined in the package.json as a workspace, thus npm should be able to resolve the package.

From the error message it seems you're using pnpm, is that correct?

tony-nyagah commented 8 months ago

> From the error message it seems you're using pnpm, is that correct?

I tried with npm but was getting some errors. I think my internet was acting up. npm install works now.

basmasking commented 7 months ago

@tony-nyagah do you need any help with the issue?

OriloyeEmerald commented 7 months ago

I'm sorry about my unavailability; I had issues with my computer. I have installed the snyk tool and configured it for local vulnerability testing. What is the next step, please?

tony-nyagah commented 7 months ago

> @tony-nyagah do you need any help with the issue?

@OriloyeEmerald seems to have resolved the issue so I'm going to leave this issue with him.

OriloyeEmerald commented 7 months ago

@tony-nyagah, that's great then. Are you on discord so I can connect with you?

petermasking commented 7 months ago

@OriloyeEmerald the description in this issue has been a bit sparse. After the CLI is installed locally (added as a devDependency in the package.json), it should be possible to run the CLI with a snyk account and use environment variables to set the tokens and account details into the CLI configuration.

Ideally, we have another script in the package.json to run the CLI and get the vulnerabilities from the snyk API by typing npm run snyk-test in the terminal.
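One way to wire up the npm run snyk-test script petermasking describes, as an added example that is not code from the jitar repository: the wrapper reads the token from the SNYK_TOKEN environment variable instead of a checked-in config, runs snyk test through npx so the devDependency copy of the CLI is used, and maps snyk's documented exit codes to a message. The script path scripts/snyk-test.sh, the --run flag and the SNYK_SEVERITY variable are assumptions; an npm script such as "snyk-test": "sh scripts/snyk-test.sh --run" would call it.

```shell
#!/bin/sh
# Added example, not part of the jitar repository. Assumes snyk is installed
# as a devDependency so that `npx snyk` resolves to the local copy, and that
# package.json has "snyk-test": "sh scripts/snyk-test.sh --run" (assumed path).

# The API token must come from the environment (SNYK_TOKEN is read by the snyk
# CLI itself); never commit it to the repository or to a snyk config file.
require_token() {
    if [ -z "${SNYK_TOKEN:-}" ]; then
        echo "SNYK_TOKEN is not set; export it from your Snyk account settings" >&2
        return 1
    fi
}

# snyk's documented exit codes: 0 = no issues at or above the threshold,
# 1 = vulnerabilities found, 2 = the command itself failed, 3 = nothing to scan.
describe_exit() {
    case "$1" in
        0) echo "no vulnerabilities at or above threshold" ;;
        1) echo "vulnerabilities found" ;;
        2) echo "snyk failed to run (check token, network or manifest)" ;;
        3) echo "no supported project found" ;;
        *) echo "unexpected exit code $1" ;;
    esac
}

# Run the scan; fail the local run only on high or critical findings by
# default, which SNYK_SEVERITY=low|medium|high|critical (assumed name) overrides.
run_scan() {
    require_token || return 2
    npx snyk test --severity-threshold="${SNYK_SEVERITY:-high}"
    rc=$?
    echo "snyk: $(describe_exit "$rc")" >&2
    return "$rc"
}

# Only scan when invoked by the npm script with --run, so the file can also be
# sourced to reuse the functions above.
if [ "${1:-}" = "--run" ]; then
    run_scan
fi
```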

tony-nyagah commented 7 months ago

> @tony-nyagah, that's great then. Are you on discord so I can connect with you?

I am on Discord. I go by osteerich on there.