Snyk.io Component

This is a run-jst component that detects vulnerable dependencies according to package.json submitted to Snyk.io backend.

Prerequisites

Ensure Node.js >=v6.x is installed (We recommend using nvm https://github.com/creationix/nvm#installation)
Install "run-jst"
Profit?!

Installation

npm install -g run-jst-snyk

Configuration

.jst.yml configuration:

$:
  preprocess:
    '$.snyk.token': 'eval'
  snyk:
    token: 'process.env.JST_SNYK_API_TOKEN'     # Snyk.io API token
    # actionable: true                          # Show actionable items
    # dev: false                                # Analyze 'devDependencies'

.travis.yml configuration:

script: 'jst run unit -c run-jst-snyk'  
before_install:
  # other before_install scripts...
  - 'npm install -g run-jst-snyk'

Add the Snyk.io API Token to .travis.yml:

jst travis encrypt -x 'JST_SNYK_API_TOKEN=1234'

If you are using Travis Pro read this guide to properly encrypt the environment variable

Usage

JST_SNYK_API_TOKEN=1234 jst run unit -c run-jst-snyk

run-jst-snyk

Snyk.io Component

Prerequisites

Installation

Configuration

Usage

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

Weekly Downloads

Version

License

Last publish

Collaborators

run-jst-snyk

Snyk.io Component

Prerequisites

Installation

Configuration

Usage

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Last publish

Collaborators

Weekly Downloads