Failed security/synk check when creating a PR

dsurrao · September 6, 2018, 8:58pm

I get these errors when creating pull requests against the openmrs-module-webservices.rest repo. They are unrelated to changes I’ve made, and identify vulnerabilities in pom.xml files that are already in the master branch. Any ideas why this is happening?

Some checks were not successful
1 errored, 2 failing, and 10 successful checks
security/snyk - omod/pom.xml (openmrs) — Failed to detect issues
security/snyk - omod-1.11/pom.xml (openmrs) — 4136 new vulnerable dependency paths
security/snyk - omod-1.12/pom.xml (openmrs) — 8272 new vulnerable dependency paths

dkayiwa · September 8, 2018, 6:36pm

I think this is a way of ensuring that it gets fixed, by making noise for each new pull request.

@isears am sure you are interested in such.

isears · September 8, 2018, 7:01pm

Yeah! Looks like some of our dependencies are getting out of date. I don’t think I have access to our snyk dashboard so I can’t see exactly what the problems are. Wouldn’t mind working on mitigating some of the more serious alerts if I get access though.

dkayiwa · September 9, 2018, 1:22pm

@isears PM me your email address to get access.

dkayiwa · September 9, 2018, 2:19pm

@isears you should now have an invitation to the admins group

isears · September 9, 2018, 2:25pm

I see it thanks

dsurrao · September 10, 2018, 2:34pm

Thanks for looking into this!