Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Add snyk monitoring for main branch #27

Merged
merged 1 commit into from
Jul 14, 2022
Merged

chore: Add snyk monitoring for main branch #27

merged 1 commit into from
Jul 14, 2022

Conversation

NovemberTang
Copy link
Contributor

This PR reliably integrates the repository with the snyk GitHub action which will scan your code’s dependencies and alert you if vulnerabilities are found. This PR has only been raised on repos that have already been tested to make sure scanning will work out of the box. ‘reliably integrated’ means that this action compares the hash of the last commit on main to the one that snyk has, and makes sure that they match. If you think that this repository doesn’t belong to your team, please mark your team as something other than an Admin for this repo before closing the PR, or its highly likely further PRs will be raised.

@NovemberTang NovemberTang requested review from a team as code owners July 13, 2022 11:28
NovemberTang
NovemberTang commented Jul 13, 2022
View reviewed changes
Copy link
Contributor Author

@NovemberTang NovemberTang left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR was generated because both edtools and capi are listed as admins for this repo. Is that supposed to be the case? And if so who's going to get the snyk notifications?

@rowannekabalan
Copy link

rowannekabalan commented Jul 13, 2022
edited
Loading

This PR was generated because both edtools and capi are listed as admins for this repo. Is that supposed to be the case? And if so who's going to get the snyk notifications?

@NovemberTang Taking a look at the commit history it looks like this repo was mostly maintained by CAPI for the last year or so therefore I assume we should get the SNYK notifications

@NovemberTang NovemberTang merged commit a79197a into master Jul 14, 2022
@NovemberTang NovemberTang deleted the nori/capi-snyk-integration branch July 14, 2022 12:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rowannekabalan rowannekabalan rowannekabalan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@NovemberTang @rowannekabalan