Closed robincher closed 5 years ago
Thanks for the PR. Would you mind adding the snyk badge to other projects in the org? I'm thinking about nexmo-python, nexmo-php, nexmo-java, nexmo-node, nexmo-dotnet and nexmo-ruby as our main ones.
Hi @AlexLakatos ,
I see what i can do for java and node first. I need more information about the others like dotnet,ruby and python, as i am unsure how their manifest/dependencies works,and if snyk have full support on them yet.
Just saw your PR for nexmo-node. Thanks!
Summary
This PR is basically adding a Snyk badge to the readme, which reflects if there are any vulnerabilities in the existing manifest file (package.json). I think this is a quick win that allows us developers to have confidence on the library we are using.
The vulnerability scanning is free for all public repository, so why not :)
Other Information
Not really, but perhaps Nexmo might want to sign up with Snyk to scan for other projects (and other languages)
Thanks for allow us to contribute!