From the course: Agile Software Development: Code Quality

Securing your dependencies with Snyk CLI

- [Instructor] Let's take a peek at Snyk, and how we can use it to make our projects more secure. We're working with version 4.15.0 of Express, which was released back in 2017. The Express team does a pretty good job of staying on top of security fixes. So this walkthrough wouldn't be all that interesting if we were working with a recent version. Let's switch the directory where you cloned Express, and then run npm install. This should install all the project's dependencies without any errors. Next run npm test to make sure that all of the project's tests have passed. And there we go, 833 passing tests. Now we're ready to run the snyk command. Snyk test shows us that there are five vulnerabilities across 14 vulnerable paths in our dependency tree. We can scroll up in the terminal output to see the details of each vulnerability and how they can be addressed manually. Each vulnerability lists specific remediation steps. For most languages that Snyk supports, manual remediation is the only…
