Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Done
Priority: Major - P3
Fix Version/s: 100.9.5
Affects Version/s: None
Component/s: None
Labels:
None

Story Points:
3
Sprint:
TAR 2024-05-13
Assigned Teams:

Tools and Replicator
Epic Link:
REP-3553
Days Spent:
2
Documentation Changes:
Not Needed

Problem

See the project's design doc.

Solution & Acceptance Criteria

Make sure the Snyk config for thjis project is correct.
Make a PR to update dependencies to address any flagged issues.
Add a task in our Evergreen release workflow that will fail if there are any high or critical vulnerabilities in our deps.
Figure out how to deal with false positives where we don't want to upgrade (or where no upgrade is available yet). I think the answer is that we can manually tell Snyk to ignore these via their web console.

is depended on by

TOOLS-3537 Create the SSDLC report template

Closed

TOOLS-3538 Update our release documentation with new SSDLC-related stuff

Closed

links to

Pull Request (mongodb/mongo-tools master)

Assignee:: Dave Rolsky
Reporter:: Dave Rolsky
Reviewers:: Evgeni Dobranov (Inactive), Huan Li (Inactive), Johnny DuBois (Inactive)
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: May 07 2024 02:32:22 PM UTC
Updated:: May 23 2024 02:50:50 AM UTC
Resolved:: May 23 2024 02:50:50 AM UTC