Lynda.com is now LinkedIn Learning!

To access Lynda.com courses again, please join LinkedIn Learning

All the same Lynda.com content you know and love

Plus, personalized course recommendations tailored just for you

All the same access to your Lynda learning history and certifications

Try LinkedIn Learning for free

Questions? Visit our help center.

How does my subscription work?

Can I use a different payment method?

Yes, after you upgrade to LinkedIn Learning you can change your payment method on LinkedIn.com.

Upgrade Now

By upgrading, your account will only be accessible on Linkedin Learning.

Lynda.com is now LinkedIn Learning · Same content. Same instructors. New platform.

Start My Free Month

Securing your dependencies with Snyk CLI

Snyk provides a feature-rich command line tool for detecting and patching security vulnerabilities in your dependencies. In this video, learn how to use the Synk command line interface by running it against an open source JavaScript project, the Express web application framework, all while making sure the project’s tests still pass.

- [Instructor] Let's take a peak at synk, … and how we can use it to make our projects more secure. … We're working with version 4.15.0 of Express, … which was released back in 2017. … The Express team does a pretty good job … of staying on top of security fixes. … So this walkthrough wouldn't be all that interesting … if we were working with a recent version. … Let's switch the directory where you cloned Express, … and then run npm install. … This should install all the projects dependencies … without any errors. … Next run npm test to make sure that … all of the projects tests have passed. … And there we go, 833 passing tests. … Now we're ready to run the snyk command. … Snyk test shows us that there are five vulnerabilities … across 14 vulnerable paths in our dependency tree. … We can scroll up in the terminal output to see … the details of each vulnerability … and how they can be addressed manually. … Each vulnerability lists specific remediation steps. … For most languages that snyk supports, …

Resume Transcript Auto-Scroll

Author

M. Scott Ford

Skill Level Intermediate

1h 40m

Duration

6,771

Views

Show More Show Less

Related Courses

Introduction
- Why code quality is important
  1m 2s
- What you should know
  18s
1. Code Quality
- What is code quality?
  1m 28s
- How do we end up with poor quality code?
  1m 45s
- Review of code quality metrics and tools
  3m 53s
2. Complexity
- What is complexity?
  2m 39s
- Exploring complexity with Code Climate
  3m 22s
- Enabling cyclomatic complexity
  4m 25s
- Adjust thresholds
  3m 36s
3. Hotspots and Churn
- What are hotspots and churn?
  2m 22s
- Hotspots and churn with CodeScene
  3m 59s
- Customizing analysis with CodeScene
  5m 3s
4. Code Coverage
- What is code coverage?
  2m 56s
- Windows setup
  2m 9s
- Collecting code coverage with dotCover
  3m 23s
- Visualizing code coverage with NDepend
  5m 35s
- macOS X setup
  3m 19s
- Collecting code coverage with SimpleCov
  3m 57s
- Visualizing code coverage with Code Climate
  5m 21s
5. Duplication
- What is duplication?
  2m 10s
- Setting up copy/paste detectors (CPD)
  1m 33s
- Finding duplication with CPD
  5m 9s
- Visualizing duplication with SonarQube
  5m 40s
6. Securing Your Dependencies
- Why secure dependencies?
  1m 51s
- Setting up Snyk
  1m 24s
- Securing your dependencies with Snyk CLI
  4m 10s
- Securing your dependencies with Snyk web
  3m 9s
7. Consistent Coding Style
- Why consistent coding style?
  1m 40s
- Setting up Flask
  2m 1s
- Detect style violations with Flake8
  5m 50s
- Automated code style review with Hound CI
  4m 45s
Conclusion
- Next steps
  36s

Show MoreShow Less

Take notes with your new membership!

Type in the entry box, then click Enter to save your note.

1:30Press on any video thumbnail to jump immediately to the timecode shown.

Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.

Start My Free Month

Skills covered in this course

Start My Free Month

Start your free month on LinkedIn Learning, which now features 100% of Lynda.com courses. Develop in-demand skills with access to thousands of expert-led courses on business, tech and creative topics.

Start My Free Month

Lynda.com is now LinkedIn Learning!

To access Lynda.com courses again, please join LinkedIn Learning

How does my subscription work?

Can I use a different payment method?

Categories

3D + Animation Topics

3D + Animation Software

3D + Animation Learning Paths

Audio + Music Topics

Audio + Music Software

Audio + Music Learning Paths

Business Topics

Business Software

Business Learning Paths

Business Guides

CAD Topics

CAD Software

CAD Learning Paths

Design Topics

Design Software

Design Learning Paths

Developer Topics

Developer Software

Developer Learning Paths

Education + Elearning Topics

Education + Elearning Software

Education + Elearning Learning Paths

IT Topics

IT Software

IT Learning Paths

Marketing Topics

Marketing Software

Marketing Learning Paths

Photography Topics

Photography Software

Photography Learning Paths

Video Topics

Video Software

Video Learning Paths

Web Topics

Web Software

Web Learning Paths

Web Guides

Securing your dependencies with Snyk CLI

Author

Skill Level Intermediate

Duration

Views

Related Courses

Agile Software Development

Agile Software Development: Refactoring

Introduction

1. Code Quality

2. Complexity

3. Hotspots and Churn

4. Code Coverage

5. Duplication

6. Securing Your Dependencies

7. Consistent Coding Style

Conclusion

Take notes with your new membership!

Skills covered in this course

Continue Assessment

Start My Free Month