Liran Tal
💚@nodejs Security WG member | Core team @meanjs, #dockly | Author: 📘Essential Node.js Security ✨ Engineering Manager @nielsen-oss | ❤️#opensource #javascript
Featuring Snyk
by Liran Tal
Text
Liran Tal
@liran_tal
leanpub.com/nodejssecurity/c/MEETUP
https://david-dm.org
http://bithound.io
npm outdated --long
hold your horses,
has it too pal
$ npm install -g snyk
$ snyk test
https://snyk.io
$ snyk auth bfd71-fdabc8123-4981-bd8f7c
understanding the lifecycle of Travis CI build
before_install
install
before_script
script
after_success
after_failure
after_script
before_install:
- npm install -g snyk
.travis.yml
# fail the build
before_script:
- snyk test
# do not fail the build
# you should have a good reason to do this
after_script:
- snyk test
.travis.yml
$ snyk monitor
after_success:
- snyk monitor
.travis.yml
$ snyk wizard
# on CI - we protect before we
# test to apply the policies
before_script:
- npm install -g snyk
- snyk protect
- snyk test
.travis.yml
"scripts": {
"test": "snyk test && npm test",
"snyk-protect": "snyk protect",
"prepublish": "npm run snyk-protect"
}
package.json
By Liran Tal