Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integrate Snyk : Static analysis tool #64

Open
wants to merge 7 commits into
base: f24
Choose a base branch
from
Open

Integrate Snyk : Static analysis tool #64

wants to merge 7 commits into from

Conversation

rmmahmou
Copy link

@rmmahmou rmmahmou commented Oct 26, 2024
edited
Loading

This pull request integrates the Snyk tool into the project to perform security scans and identify vulnerabilities in dependencies. The following key changes were made to the codebase to set up and run Snyk:

Installed Snyk:
Ran npm install -g snyk to install the tool globally.
Created a Snyk account and authenticated with snyk auth.
Verified the setup by running snyk test, confirming that the tool is correctly integrated and scanning the codebase as expected.
Output:
Screen Shot 2024-10-26 at 11 52 51 PM
Screen Shot 2024-10-26 at 11 53 13 PM

File Changes:
.eslintignore: Updated to exclude certain directories and files from ESLint checks to streamline testing.:
Screen Shot 2024-10-27 at 5 10 35 PM

package.json: Added Snyk to devDependencies with version "1.1293.1" for consistent use in development environments.
Screen Shot 2024-10-27 at 5 09 58 PM

.snyk: Created a configuration file to specify dependencies that should be ignored, with reasons documented for each exclusion.

@coveralls
Copy link

Pull Request Test Coverage Report for Build 11540907889

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.005%) to 82.586%
Totals Coverage Status
Change from base Build 11495456179: 0.005%
Covered Lines: 22388
Relevant Lines: 25677
💛 - Coveralls

@rmmahmou rmmahmou self-assigned this Oct 27, 2024
@rmmahmou rmmahmou changed the title added Snyk tool and initialized .snyk ignore configuration file Integrate Snyk ; Static analysis tool Oct 27, 2024
@rmmahmou rmmahmou changed the title Integrate Snyk ; Static analysis tool Integrate Snyk : Static analysis tool Oct 27, 2024
@Hakaabi Hakaabi self-requested a review October 27, 2024 14:14
Hakaabi
Hakaabi approved these changes Oct 27, 2024
View reviewed changes
Copy link

@Hakaabi Hakaabi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great implementation of the tool!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Hakaabi Hakaabi Hakaabi approved these changes

Assignees

@rmmahmou rmmahmou

Labels
not in the starter list static analysis tool testing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rmmahmou @coveralls @Hakaabi