Details
- Task
- Resolution: Gone away
- Major - P3
- None
- None
- 3
- Not Needed
- Iteration Lobster
Description
Integrate Snyk into Compass CI to catch security issues with severity >= "high" (i.e. "high" and "critical") for Compass and DE as early as possible:
snyk test --all-projects --severity-threshold=high
As part of this, for any issue found by Snyk consider:
- fixing it in the same PR
- ignoring it in the same PR if it is not actually harmful (unreachable code, etc.)
- ignoring it in the same PR and creating a follow-up ticket to address the issue, in case the fix would require significant effort or is not yet available
NOTES:
- npm 8 introduced a convenient way to bump nested dependencies that may be useful for fixing some of the issues: https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides. Note that it only works if specified in the root package.json.
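The root-only caveat above is easy to get wrong in a monorepo, so here is an added example (not Compass project code) that audits constructed sample manifests: any `overrides` key found in a workspace package.json is reported as ineffective, hoisted into a proposed root-level map, and flagged as a conflict when two places pin the same dependency to different ranges.

```javascript
// Added example, not part of the Compass code base. Sample manifests below
// are constructed; package names and ranges are illustrative only.
const ROOT_PKG = {
  name: 'monorepo-root',
  workspaces: ['packages/*'],
  overrides: { minimist: '^1.2.6' },
};
const WORKSPACE_PKGS = {
  'packages/a/package.json': { name: 'a', overrides: { semver: '^7.5.2' } },
  'packages/b/package.json': { name: 'b', overrides: { semver: '^7.5.4', minimist: '^1.2.8' } },
  'packages/c/package.json': { name: 'c', dependencies: { minimist: '^1.2.0' } },
};

// npm only honours `overrides` in the root package.json, so anything declared
// in a workspace silently does nothing. Collect those entries, propose a root
// map that hoists them, and surface conflicts (same dep, different range)
// instead of picking a winner automatically.
function hoistOverrides(rootPkg, workspacePkgs) {
  const hoisted = { ...(rootPkg.overrides || {}) };
  const misplaced = [];
  const conflicts = [];
  for (const [file, pkg] of Object.entries(workspacePkgs)) {
    for (const [dep, range] of Object.entries(pkg.overrides || {})) {
      misplaced.push({ file, dep, range });
      if (!(dep in hoisted)) {
        hoisted[dep] = range; // first declaration wins for the proposal
      } else if (hoisted[dep] !== range) {
        conflicts.push({ dep, existing: hoisted[dep], proposed: range, file });
      }
    }
  }
  return { hoisted, misplaced, conflicts };
}

// Human-readable report for a CI log; returns true when nothing is misplaced.
function reportOverrides(rootPkg, workspacePkgs) {
  const { hoisted, misplaced, conflicts } = hoistOverrides(rootPkg, workspacePkgs);
  for (const m of misplaced) {
    console.log(`ineffective override ${m.dep}@${m.range} in ${m.file} (move to root)`);
  }
  for (const c of conflicts) {
    console.log(`conflict for ${c.dep}: root/first has ${c.existing}, ${c.file} wants ${c.proposed}`);
  }
  console.log('proposed root overrides:', JSON.stringify({ overrides: hoisted }, null, 2));
  return misplaced.length === 0;
}

reportOverrides(ROOT_PKG, WORKSPACE_PKGS);
```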
Issue Links
- related to MONGOSH-984 Address npm audit (and dependabot?) results (Closed)