Executable Tutorial: Submission (maxisr-raeef) #2648
Co-Authored-By: Rafael Bechara <75490904+raeef96@users.noreply.github.com>
Would love to give you guys feedback on this!
@Blezie Thanks for the submission. You need to resolve the conflicts before I can merge.
@javierron The conflict should now be resolved.
Feedback
I certify that generative AI, incl. ChatGPT, has not been used to write this feedback. Using generative AI without permission is considered academic misconduct.
Strengths
Weaknesses & suggestions
Last couple of lines from the error message:
Smaller details
Summary
Overall a very good executive tutorial. I managed to run it from the beginning to end first try without any major issues. Although the tutorial does not delve super deep into any one tool I still got valuable insights into how I can use them and the capabilities of tools such as Snyk, something I hadn’t encountered before, along with GitHub Actions to see the security state of my project. P.S., yes I did find your Easter egg! :)
Assignment Proposal
Title
Dependency Management and Security Auditing in npm with Snyk + GitHub Actions
Names and KTH ID
Deadline
Category
Description
We will guide users through managing, checking, and securing npm dependencies. The tutorial will start with using npm audit for basic vulnerability detection. We will then show how to add Snyk for better scanning and analysis. We'll also include a section on how to integrate this with GitHub Actions, showing how to create the necessary YAML files.
We want to create this executable tutorial with Killercoda.
Relevance
This is relevant for DevOps because keeping dependencies secure makes the software safer and more reliable, which can help prevent issues from reaching production.
The executable tutorial can be found at Killercoda and at GitHub.