Integrate Snyk in Compass CI

XMLWordPrintableJSON

    • Type: Task
    • Resolution: Gone away
    • Priority: Major - P3
    • No version
    • Affects Version/s: None
    • Component/s: CI, Security, Tech debt
    • None
    • Not Needed

      Integrate Snyk in Compass CI to spot security issues with severity >= "high" ( "high" and "critical") for Compass and DE as early as possible.

      snyk test --all-projects --severity-threshold=high
      

      As part of this, for any issue found by snyk consider:

      • fixing it in the same PR
      • ignoring it in the same PR if is not actually harmful (unreached code, etc ..)
      • ignoring it in the same PR and create a followup ticket to address the issue in case the fix would require significant effort or not be yet available

      NOTES:

              Assignee:
              Unassigned
              Reporter:
              Maurizio Casimirri
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: