Please note: this does not alter nor impact the operation of Dark Matter and is purely for contributors (optional) and maintainers (mandatory).
This PR adds Snyk to Dark Matter to better improve security of the Dark Matter plugin during development by adding code security scans and dependency checking [1]. Whilst Dark Matter has not been compromised through a rogue dependency in either Composer or NPM, this will provide an additional checking layer to mitigate the potential in the future.
Testing the codebase can be achieved by running `npm run test`, which will then engage Snyk to scan the code and check the dependencies for an issue such as ua-parser-js [2].
Also included is a GitHub Action for scanning Composer and NPM dependencies through Snyk.
References: