search

cds-snc / pulse

Archived: [Project has been split out into two components, @ https://github.com/cds-snc/tracker and https://github.com/cds-snc/track-web ] Check whether a Government of Canada domain is adhering to best security practices.
Other
6 stars 1 forks source link

Snyk hack #136

Closed buckley-w-david closed 6 years ago

buckley-w-david commented 6 years ago

This PR duplicates the dependencies of the project into the requirement.txt files in each of the subdirectory so snyk can properly scan them.

This is pretty hacky, but unfortunatly snyk seems unable to scan for dependencies when they are embedded into the setup.py file.

This should address #101

obrien-j commented 6 years ago

@buckley-w-david Can you add a blurb high up into the README to ensure this is noted for future dev's on the project. I can't think of a better way to enforce this duplication in the short term, so feel free to get clever.