flattr / flattr-extension

Flattr web extension - monetize your content effortlessly.
https://flattr.com
GNU General Public License v3.0

Setup Snyk #16

Open erikvold opened 6 years ago

erikvold commented 6 years ago

Snyk is just an automated tool to check the dependencies that are used for vulnerabilities. So if someone makes a pull request for an npm package with a known vulnerability then we'll be alerted to that.

https://snyk.io/ https://github.com/marketplace/snyk https://blog.travis-ci.com/2017-04-20-continuous-security-snyk-travis-ci/

erikvold commented 6 years ago

I'm thinking it would be nice to add the automated tests and pull requests (mentioned here: https://snyk.io/docs/snyk-for-nodejs), and also the badge to our readme.

Does this sound alright to you, @ThomasGreiner?

ThomasGreiner commented 6 years ago

Sounds good! Thanks. Anything we need to change for that in our code - apart from adding the badge - or is all of that configured through their UI?