Ecosystems

Interested in ecosystem-specific posts? We’ve got your back! Read through our posts and learn how security impacts your environment.

Fixing vulnerabilities in Maven projects

Maven is still the most used build system in the Java ecosystem. According to the JVM report 2020, Maven is the number one build tool in the ecosystem with two-thirds of the share. Therefore, it is important to know how Maven works. For instance, if you find vulnerabilities in your Maven project using Snyk, how … Continued

September 14, 2020

Helping Python developers shift security left with a new PyCharm plugin

We’re happy to announce Snyk’s brand new PyCharm plugin, helping Python developers find and fix security and license issues in their open source dependencies as early as their first lines of code!  Tackling vulnerabilities within the IDE is an important part of shifting security left and enabling developers to take on more responsibility for security … Continued

September 8, 2020

Discover package vulnerabilities with the Snyk integration for JSDelivr

We are excited to announce that we power the security badge in JSDelivr.com! JSDelivr is one of the leading CDNs for open source and npm packages. Snyk’s new integration with JSDelivr shows a security badge on the search page for a specific library. At Snyk, we strongly believe that it is important for developers to … Continued

June 8, 2020

Java turns 25—aging like fine wine or more like milk?

On May 23, 1995, Sun Microsystems released Java. This means that Java turns 25 years old and that is something we need to celebrate! The age of 25 is quite old for a programming language, though, right? Let’s take a look at the programming language, the ecosystem, the community, and the future of Java, see … Continued

May 22, 2020

Test website security with Snyk’s newest WebPageTest integration

We are excited to announce the security integration with WebPageTest! These newly introduced data points for all tested pages enrich the existing website performance tests with further visibility into security details, such as HTTP security headers and vulnerable JavaScript libraries found on a website. We at Snyk know that web developers have many cross-cutting concerns … Continued

May 14, 2020

Website security score explained

Snyk launched an integration with WebPageTest that reports security insights for a website security check, along with other speed tests and performance metrics that WebPageTest provides. If you run a WebPageTest scan, you get a security score. What is this score measuring and how are we calculating it? In order to get a security score and … Continued

May 12, 2020

Why did is-promise happen and what can we learn from it

On the 25th of April 2020, version 2.2.0 of is-promise library on npm was released by JavaScript developer and maintainer Forbes Lindesay. Reportedly, this release caused failures in popular developer build tools used for scaffolding new projects, such as Facebook’s create-react-app, Google’s firebase-tools, angular-cli, and others. Forbes promptly addressed the problems associated with the 2.2.0 … Continued

April 28, 2020

Dependency management tools for Python

Managing dependencies is important to the health of your Python project. A project with properly managed dependencies reaps rewards in terms of predictability, sustainability, and security. Well managed dependencies ensure predictable behavior across local, development, and production environments. If your dependencies are well managed, you won’t find yourself on the wrong end of a long-term … Continued

April 15, 2020

The State of Open Source Security Survey – 2020

Snyk is currently building our annual State of Open Source Security report and we want to hear from you! Complete this brief survey to help guide our research.

March 25, 2020

Django security tips

Lucky you, you user of the web framework for perfectionists with deadlines (AKA Django). The Django team has put a lot of thought into their security practice (find security features in their documentation and their security policy is interesting too). We have summarized some of the best tips to keep your Django project secure.  Download … Continued

March 24, 2020