One caveat to keep in mind: Snyk's GitHub integration doesn't check devDependencies. In theory, we could have vulnerabilities that sneak in via flaws in emscripten, babel, etc. Apparently Snyk's CLI can check devDependencies, so I suppose we should make a habit of doing that every so often.
One caveat to keep in mind: Snyk's GitHub integration doesn't check
devDependencies
. In theory, we could have vulnerabilities that sneak in via flaws inemscripten
,babel
, etc. Apparently Snyk's CLI can checkdevDependencies
, so I suppose we should make a habit of doing that every so often.Closes #16