Skip to content
This repository has been archived by the owner on Mar 31, 2023. It is now read-only.

Adding Snyk to prevent security issues in Emulsify #98

Open
shaal opened this issue Dec 5, 2018 · 4 comments
Open

Adding Snyk to prevent security issues in Emulsify #98

shaal opened this issue Dec 5, 2018 · 4 comments
Labels
Priority: Low Status: Feedback Needed

Comments

@shaal
Copy link

shaal commented Dec 5, 2018

I forked emulsify-gulp, and scanned it with https://snyk.io

Snyk found the following vulnerabilities -

  • 10 High severity
  • 16 Medium severity
  • 14 Low severity

Here's how Snyk reports an issue in the repository -
screenshot from 2018-12-05 15-59-11

Here you can see an example of a PR that Snyk creates -
shaal@893ba16

(might be related to #97)
@evanmwillhite
Copy link
Contributor

Thanks for posting this, I've replaced #97 with #99 and that is marked as critical. It takes care of all the critical issues except for the ones the Gulp team has identified as OK. Marking this as low, but I'd like for others to weigh in on using a tool like this. It seems like a great option to me. Thanks for posting!

@evanmwillhite
Copy link
Contributor

Update: #99 has been merged.

@shaal
Copy link
Author

shaal commented Dec 11, 2018
edited
Loading

@evanmwillhite emulsify-gulp used to have 40 security vulnerabilities, now down to 12 security vulnerabilities (3 of them are marked as severe).

@evanmwillhite
Copy link
Contributor

@shaal see my comment above. The "High" ones are related to Gulp and per their team None of these warnings pose any real risk to you as a user of gulp.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Priority: Low Status: Feedback Needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@shaal @evanmwillhite