Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Installed SonarQube and Snyk on the CI/CD of a 2.5 year old project that only had a linter enabled previously.
Practically zero problems found. One minor problem (same code in different branches), a few false positives, and a few possible problems in dependencies that I have no control over.
Now wondering:
Am I really that good or are those tools just shit?
10 -
Seems like "Google Magic" and I have a disagreement (nb: this is the 4th of Snyk auto-follow up mails and I have no idea why they speak to me in French)
1 -
Beware of NPM packages maintained by Brandon Nozaki Miller alias RIAEvangelist. He added IP-specific malware to node-ipc.
https://security.snyk.io/vuln/...
https://github.com/RIAEvangelist/...16 -
TIL "Regular Expression DDOS" is a thing
I thought OS/server would be smart enough to cut short long running CPU intensive session-threads without affecting others, thats their job after all
I overestimate the OS-level I guess :v
https://security.snyk.io/vuln/... //ref15
Top Tags
Weekly Rant
View