
Evaluate Snyk
Open, Needs Triage · Public

Description

Snyk is a closed-source tool to "continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and much more".

The first steps of the evaluation process would be:

  • set up the tool to link to our code
  • document how to add new repos
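As an added example for the evaluation (not part of this task, and not Snyk's own tooling): a small script that takes the JSON report produced by `snyk test --json`, deduplicates findings by id (Snyk lists the same advisory once per dependency path, which inflates naive counts), summarizes them per severity, decides whether a build should be blocked, and renders a plain summary that can be pasted into a task. The report shape (`vulnerabilities` entries with `id`, `title`, `severity`, `packageName`, `version`, `isUpgradable`, `upgradePath`) is assumed from the Snyk CLI output; the sample report, the ids and the severity threshold are constructed for the example.

```python
import json
from collections import Counter

# Constructed sample resembling `snyk test --json` output. Only the keys used
# below are modelled; the ids are placeholders, not real Snyk advisories.
SAMPLE_SNYK_JSON = json.dumps({
    "ok": False,
    "packageManager": "npm",
    "vulnerabilities": [
        {"id": "SNYK-EXAMPLE-0001", "title": "Prototype Pollution",
         "severity": "high", "packageName": "example-lib", "version": "1.2.3",
         "isUpgradable": True, "upgradePath": [False, "example-lib@1.2.4"]},
        # Same advisory reached through a second dependency path: must not
        # be counted twice.
        {"id": "SNYK-EXAMPLE-0001", "title": "Prototype Pollution",
         "severity": "high", "packageName": "example-lib", "version": "1.2.3",
         "isUpgradable": True, "upgradePath": [False, "example-lib@1.2.4"]},
        {"id": "SNYK-EXAMPLE-0002", "title": "Regular Expression DoS",
         "severity": "medium", "packageName": "example-re", "version": "0.9.0",
         "isUpgradable": False, "upgradePath": []},
        {"id": "SNYK-EXAMPLE-0003", "title": "Information Exposure",
         "severity": "low", "packageName": "example-log", "version": "2.0.0",
         "isUpgradable": True, "upgradePath": [False, "example-log@2.0.1"]},
    ],
})

SEVERITY_ORDER = ["critical", "high", "medium", "low"]


def unique_findings(report_text: str) -> list:
    """Parse the report and keep one entry per advisory id (first path wins)."""
    report = json.loads(report_text)
    seen = {}
    for vuln in report.get("vulnerabilities", []):
        seen.setdefault(vuln["id"], vuln)
    return list(seen.values())


def summarize(report_text: str) -> dict:
    """Count unique findings per severity, always reporting all four levels."""
    counts = Counter(v.get("severity", "unknown") for v in unique_findings(report_text))
    return {sev: counts.get(sev, 0) for sev in SEVERITY_ORDER}


def should_fail(report_text: str, threshold: str = "high") -> bool:
    """True if any unique finding is at or above the (assumed) threshold."""
    limit = SEVERITY_ORDER.index(threshold)
    return any(
        v.get("severity") in SEVERITY_ORDER[: limit + 1]
        for v in unique_findings(report_text)
    )


def upgradable_fixes(report_text: str) -> list:
    """List 'package@version -> target' for findings Snyk marks as upgradable."""
    fixes = []
    for v in unique_findings(report_text):
        if v.get("isUpgradable") and v.get("upgradePath"):
            fixes.append(f"{v['packageName']}@{v['version']} -> {v['upgradePath'][-1]}")
    return sorted(fixes)


def render_summary(report_text: str) -> str:
    """Plain-text summary suitable for pasting into a task comment."""
    counts = summarize(report_text)
    lines = ["Snyk findings (unique advisories):"]
    lines += [f"  {sev}: {n}" for sev, n in counts.items()]
    lines.append("Upgradable fixes:")
    lines += [f"  {fix}" for fix in upgradable_fixes(report_text)] or ["  none"]
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_summary(SAMPLE_SNYK_JSON))
    print("block build:", should_fail(SAMPLE_SNYK_JSON))
```

In a pipeline the script would read the report from `snyk test --json > report.json` instead of the embedded sample; the summary text is what one would attach to the task until a proper Phabricator integration exists.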

Event Timeline

One of the problems is the lack of integration with Phabricator.

For example, it allows interacting with GitHub and opening a PR there when it finds an issue: https://github.com/nasqueron/daeghrefn-www/pull/1

The PR is closed; when the branch is restored, it's auto-deleted.

The commit message doesn't respect imperative mode: https://github.com/nasqueron/daeghrefn-www/pull/1/commits/28510e0cd38ce00cde64dfd1a736a7ff322cf0d4

I've created the snyk user on phab and allowed commits to bypass review on phab first.