UNPKG

run-jst-snyk

Version:

Snyk.io run-jst component

github.com/MitocGroup/run-jst

MitocGroup/run-jst

53 lines (37 loc) 1.43 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
Snyk.io Component ====================== This is a [run-jst](https://github.com/MitocGroup/run-jst) component that detects vulnerable dependencies according to `package.json` submitted to [Snyk.io](https://snyk.io) backend. # Prerequisites - [ ] Ensure `Node.js >=v6.x` is installed (We recommend using `nvm` https://github.com/creationix/nvm#installation) - [ ] [Install "run-jst"](https://github.com/MitocGroup/run-jst#installation) - [ ] Profit?! # Installation - `npm install -g run-jst-snyk` # Configuration `.jst.yml` configuration: ``` $: preprocess: '$.snyk.token': 'eval' snyk: token: 'process.env.JST_SNYK_API_TOKEN' # Snyk.io API token # actionable: true # Show actionable items # dev: false # Analyze 'devDependencies' ``` `.travis.yml` configuration: ``` script: 'jst run unit -c run-jst-snyk' before_install: # other before_install scripts... - 'npm install -g run-jst-snyk' ``` Add the [Snyk.io API Token](https://snyk.io/docs/quick-start/#authentication) to `.travis.yml`: ``` jst travis encrypt -x 'JST_SNYK_API_TOKEN=1234' ``` > If you are using [Travis Pro](https://travis-ci.com/) [read this guide](https://github.com/MitocGroup/run-jst/blob/master/docs/guide.md#configuring-github-project) to properly encrypt the environment variable # Usage ``` JST_SNYK_API_TOKEN=1234 jst run unit -c run-jst-snyk ```