curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity

docs: snyk doesn't use patch anymore

This commit is contained in:
curben 2019-03-09 15:15:45 +10:30
parent 591b9c7ab6
commit c25cd6d0b5
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
source/_posts/secure-node-modules-snyk.md
View File

@ -1,7 +1,7 @@
--- ---
title: Secure node modules with Snyk title: Secure node modules with Snyk
date: 2018-10-01 00:00:00 date: 2018-10-01 00:00:00
lastUpdated: 2018-10-30 00:00:00 lastUpdated: 2019-03-09 00:00:00
tags: tags:
- Node - Node
- Snyk - Snyk
@ -58,6 +58,8 @@ $ echo 'PATH="$PATH:./node_modules/.bin"' >> ~/.profile
***Attention:*** Snyk depends on GNU version of `patch` utility, so you need to install it if the CI build environment is Alpine or BSD. Otherwise, `snyk protect` won't work. Read my {% post_link snyk-patch-alpine-docker 'newer post' %} for more info. ***Attention:*** Snyk depends on GNU version of `patch` utility, so you need to install it if the CI build environment is Alpine or BSD. Otherwise, `snyk protect` won't work. Read my {% post_link snyk-patch-alpine-docker 'newer post' %} for more info.
***Edit:*** Snyk [v1.131.0](https://github.com/snyk/snyk/releases/tag/v1.131.0) onwards no longer use `patch`.
Alternatively, you could integrate directly to your remote repo (github/gitlab). This integration allows Snyk to automatically create pull/merge request. Enable this by going to your Snyk account and Integrations tab. Alternatively, you could integrate directly to your remote repo (github/gitlab). This integration allows Snyk to automatically create pull/merge request. Enable this by going to your Snyk account and Integrations tab.
{% cloudinary 20181001/snyk-integration.png %} {% cloudinary 20181001/snyk-integration.png %}

4
source/_posts/snyk-patch-alpine-docker.md
View File

@ -1,6 +1,6 @@
--- ---
title: Snyk failed to patch in Alpine docker title: Snyk failed to patch in Alpine docker
date: 2018-10-31 00:00:00 date: 2019-03-09 00:00:00
tags: tags:
- Snyk - Snyk
- Linux - Linux
@ -10,6 +10,8 @@ tags:
Snyk initially runs fine on Alpine, until you try to `snyk protect` to patch the modules. Turns out Synk depends on GNU version of `patch` utility. Snyk initially runs fine on Alpine, until you try to `snyk protect` to patch the modules. Turns out Synk depends on GNU version of `patch` utility.
***Edit:*** Snyk [v1.131.0](https://github.com/snyk/snyk/releases/tag/v1.131.0) onwards no longer use `patch`.
<!-- more --> <!-- more -->
Snyk is used to patch vulnerabilities of node_modules (read my {% post_link secure-node-modules-snyk 'previous post' %} for installation guide). I never had any issue with it running on Alpine docker image. That was because there was no modules to patch. Snyk is used to patch vulnerabilities of node_modules (read my {% post_link secure-node-modules-snyk 'previous post' %} for installation guide). I never had any issue with it running on Alpine docker image. That was because there was no modules to patch.