Skip to content
/ vulnnode Public

A vulnerable Node.js project, part of the Securing JavaScript from the CLI blog post on the Snyk website

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

snyk-snippets/vulnnode

BranchesTags

Repository files navigation

vulnnode

Vulnerable quotes API Node.js project for Snyk CLI demo

Set up

Install dependencies

npm install

Start app

npm start

App will be started on port 3000.

Create and start docker container

docker compose up --detach app

App will be available on port 4000.

Create kubernetes resource

kubectl create -f kube.yml

App will be available on port 5000.

Test Project

Default Test

snyk test

JSON output: /reports/default_test.json

GET /: Fetch all quotes
GET /random: Fetch random quote

Test Container

snyk container test vulnnode

JSON output: /reports/container_test.json

Test IaC (Infrastructure as Code)

snyk iac test kube.yml

JSON output: /reports/iac_test.json

Misc

Monitor Project

snyk monitor --file=package.json  --project-name=vulnnode --org=myorg

Ignore Vulnerability

snyk ignore --id=SNYK-JS-LODASH-1018905 --expiry=2023-07-27 --reason="Not really severe"

Check Output here: /reports/.snyk

Output test to JSON file

snyk <cmd> --json-file-output=./path/to/file.json

About

A vulnerable Node.js project, part of the Securing JavaScript from the CLI blog post on the Snyk website

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages