Type: Task
Resolution: Gone away
Priority: Major - P3
Affects Version/s: None
Iteration Lobster
Integrate Snyk into Compass CI to spot security issues with severity >= "high" (i.e. "high" and "critical") for Compass and DE as early as possible:
snyk test --all-projects --severity-threshold=high
As part of this, for any issue found by Snyk, consider:
- fixing it in the same PR
- ignoring it in the same PR if it is not actually harmful (unreached code, etc.)
- ignoring it in the same PR and creating a follow-up ticket to address the issue, in case the fix would require significant effort or is not yet available
NOTES:
- NPM 8 introduced a convenient way to bump nested dependencies that may be useful for fixing some of the issues: https://docs.npmjs.com/cli/v8/configuring-npm/package-json#overrides. Note that it only works when specified in the root package.json.
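A triage helper, added here as an example (not Compass or Snyk code), that reads the JSON report from `snyk test --all-projects --severity-threshold=high --json` and sorts each issue into the outcomes listed above: upgrade a direct dependency in the same PR, pin a nested dependency via a root `package.json` `overrides` entry, or open a follow-up ticket when no fixed version exists. The report fields it reads (`severity`, `packageName`, `from`, `fixedIn`) are assumed to match Snyk's JSON output, and the sample report and SNYK-EXAMPLE-* ids are constructed.

```python
import json

SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}

# Constructed sample in the shape of `--all-projects --json` output (one entry per project).
SAMPLE_REPORT = json.dumps([{"projectName": "compass", "vulnerabilities": [
    {"id": "SNYK-EXAMPLE-1", "severity": "critical", "packageName": "nested-lib",
     "version": "1.0.0", "fixedIn": ["1.0.1"],
     "from": ["compass@1.0.0", "top-level@2.0.0", "nested-lib@1.0.0"]},
    {"id": "SNYK-EXAMPLE-2", "severity": "high", "packageName": "direct-lib",
     "version": "3.1.0", "fixedIn": ["3.2.0"],
     "from": ["compass@1.0.0", "direct-lib@3.1.0"]},
    {"id": "SNYK-EXAMPLE-3", "severity": "high", "packageName": "stuck-lib",
     "version": "0.9.0", "fixedIn": [],
     "from": ["compass@1.0.0", "stuck-lib@0.9.0"]},
    {"id": "SNYK-EXAMPLE-4", "severity": "medium", "packageName": "minor-lib",
     "version": "1.2.0", "fixedIn": ["1.2.1"],
     "from": ["compass@1.0.0", "minor-lib@1.2.0"]},
]}])


def triage(report_json, threshold="high"):
    """Bucket issues at or above `threshold` into fix_direct / fix_override / followup."""
    buckets = {"fix_direct": [], "fix_override": [], "followup": []}
    projects = json.loads(report_json)
    if isinstance(projects, dict):  # single-project runs emit one object, not a list
        projects = [projects]
    for project in projects:
        for vuln in project.get("vulnerabilities", []):
            if SEVERITY_RANK[vuln["severity"]] < SEVERITY_RANK[threshold]:
                continue  # below the CI gate, out of scope for this ticket
            entry = {"id": vuln["id"], "package": vuln["packageName"],
                     "project": project.get("projectName")}
            fixed = vuln.get("fixedIn") or []
            # `from` starts with the project itself, so more than two hops means transitive.
            transitive = len(vuln.get("from", [])) > 2
            if not fixed:
                buckets["followup"].append(entry)  # no fix available yet: follow-up ticket
            elif transitive:
                # npm 8 `overrides` in the ROOT package.json can pin the nested dependency
                entry["override"] = {vuln["packageName"]: fixed[0]}
                buckets["fix_override"].append(entry)
            else:
                entry["upgrade_to"] = fixed[0]  # direct dependency: bump it in the same PR
                buckets["fix_direct"].append(entry)
    return buckets


def overrides_block(buckets):
    """Merge the override suggestions into one `overrides` object for the root package.json."""
    merged = {}
    for entry in buckets["fix_override"]:
        merged.update(entry["override"])
    return {"overrides": merged}
```

Issues that land in `fix_override` or `fix_direct` can still be ignored in the same PR when they are not reachable; that judgement is left to the reviewer, not the script.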
- related to: MONGOSH-984 Address npm audit (and dependabot?) results (Closed)