Open prusnak opened 4 years ago
And yarn audit could push us even furtherer :D
@matejkriz Please evaluate. Thanks!
It would be very nice to have it, it could save us from potential security issues.
The integration could be pretty easy, but setup process to benefit from it could be harder. And the fees are pretty high.
I believe it's worth to test if for a month or so.
isn't this obsolete with advent of socket.dev?
Evaluate the usage of https://snyk.io/
We already use GitHub Security Alerts, but the more the merrier :-)