Uploaded image for project: 'Compass '
  1. Compass
  2. COMPASS-6049

Integrate Snyk in Compass CI

    XMLWordPrintableJSON

Details

    • Icon: Task Task
    • Resolution: Gone away
    • Icon: Major - P3 Major - P3
    • No version
    • None
    • CI, Security, Tech debt
    • None
    • 3
    • Not Needed
    • Iteration Lobster

    Description

      Integrate Snyk in Compass CI to spot security issues with severity >= "high" ( "high" and "critical") for Compass and DE as early as possible.

      snyk test --all-projects --severity-threshold=high
      

      As part of this, for any issue found by snyk consider:

      • fixing it in the same PR
      • ignoring it in the same PR if is not actually harmful (unreached code, etc ..)
      • ignoring it in the same PR and create a followup ticket to address the issue in case the fix would require significant effort or not be yet available

      NOTES:

      Attachments

        Activity

          People

            Unassigned Unassigned
            maurizio.casimirri@mongodb.com Maurizio Casimirri
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: