[COMPASS-6049] Integrate Snyk in Compass CI Created: 23/Aug/22  Updated: 27/Oct/23  Resolved: 24/May/23

Status: Closed
Project: Compass
Component/s: CI, Security, Tech debt
Affects Version/s: None
Fix Version/s: No version

Type: Task Priority: Major - P3
Reporter: Maurizio Casimirri Assignee: Unassigned
Resolution: Gone away Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
related to MONGOSH-984 Address npm audit (and dependabot?) r... Closed
Epic Link: COMPASS-6735
Story Points: 3
Documentation Changes: Not Needed
Sprint: Iteration Lobster

 Description   

Integrate Snyk in Compass CI to spot security issues with severity >= "high" ("high" and "critical") for Compass and DE as early as possible.

snyk test --all-projects --severity-threshold=high

As part of this, for any issue found by snyk consider:

  • fixing it in the same PR
  • ignoring it in the same PR if it is not actually harmful (unreached code, etc.)
  • ignoring it in the same PR and creating a follow-up ticket to address the issue in case the fix would require significant effort or is not yet available
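
A sketch of the triage step above, as an added example that is not part of the original ticket or the Compass code base: it groups high and critical findings from `snyk test --all-projects --json` into those a PR can fix and those that need an ignore or follow-up decision. The JSON field names are assumed from Snyk's JSON output, and the `triage` function and the sample data are constructed for illustration.

```javascript
// Added example. Field names (vulnerabilities, id, severity, packageName,
// version, fixedIn, isUpgradable, isPatchable, projectName) are assumptions
// about the JSON printed by `snyk test --all-projects --json`.
const GATED = new Set(['high', 'critical']); // same cut-off as --severity-threshold=high

function triage(snykJson) {
  // --all-projects yields one result per project; a single project yields one object.
  const results = Array.isArray(snykJson) ? snykJson : [snykJson];
  const findings = new Map();
  for (const result of results) {
    for (const v of result.vulnerabilities || []) {
      if (!GATED.has(v.severity)) continue;
      // An issue is listed once per dependency path; keep one entry per id and package version.
      const key = `${v.id}|${v.packageName}@${v.version}`;
      const entry = findings.get(key) || {
        id: v.id, severity: v.severity, pkg: `${v.packageName}@${v.version}`,
        projects: new Set(), fixAvailable: false,
      };
      entry.projects.add(result.projectName);
      if (v.isUpgradable || v.isPatchable || (v.fixedIn || []).length > 0) {
        entry.fixAvailable = true;
      }
      findings.set(key, entry);
    }
  }
  const all = [...findings.values()].map(f => ({ ...f, projects: [...f.projects].sort() }));
  return {
    fixInPr: all.filter(f => f.fixAvailable),        // candidate for "fix it in the same PR"
    needsDecision: all.filter(f => !f.fixAvailable), // ignore with a reason, or follow-up ticket
    failBuild: all.length > 0,
  };
}

// Constructed sample input, not real scan output.
const CONSTRUCTED_SAMPLE = [
  { projectName: 'example-app', vulnerabilities: [
    { id: 'SNYK-EXAMPLE-0001', severity: 'high', packageName: 'pkg-a', version: '1.0.0',
      fixedIn: ['1.0.1'], isUpgradable: true, isPatchable: false },
    { id: 'SNYK-EXAMPLE-0002', severity: 'medium', packageName: 'pkg-b', version: '2.0.0',
      fixedIn: ['2.0.1'], isUpgradable: true, isPatchable: false },
  ] },
  { projectName: 'example-lib', vulnerabilities: [
    { id: 'SNYK-EXAMPLE-0001', severity: 'high', packageName: 'pkg-a', version: '1.0.0',
      fixedIn: ['1.0.1'], isUpgradable: false, isPatchable: false },
    { id: 'SNYK-EXAMPLE-0003', severity: 'critical', packageName: 'pkg-c', version: '3.1.0',
      fixedIn: [], isUpgradable: false, isPatchable: false },
  ] },
];

console.log(JSON.stringify(triage(CONSTRUCTED_SAMPLE), null, 2));
```

Whether a finding in `needsDecision` is reachable still has to be judged by a reviewer; the script only separates findings with a known fix from those without one.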

NOTES:


Generated at Wed Feb 07 22:41:43 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.