Announcing Snyk-Powered Linting in Sonar
That’s why we’re excited that some of the best auditing tools for developers have chosen to highlight this problem and, powered by Snyk’s vulnerability database, report on vulnerable libraries to all developers who use them! Embedding into these tools is key to raising developer awareness and making it seamless for developers to notice and understand the risk these vulnerabilities present.
Snyk and Sonar
Sonar started out as an internal project from inside the Microsoft Edge team, but they quickly realized they wanted it to be an open-source, community-driven project backed by the JS Foundation. Sonar lints your site against a number of different best practices and custom rules and gives you a report with the results so you know exactly what you need to improve.
Sonar started off as a command-line tool using the
sonar npm module, but they’ve just launched their brand new online site scanner as well, to make it even easier to get quick information about the overall health of your site or application.
Security and Developers, Together