Skip to content

Security: rfprod/nx-ng-starter

Security

SECURITY.md

Security

Dependencies audit

From time to time it's reasonable to audit dependencies for security issues and fix found issues.

Manual (local)

Use the following command to perform audit check and apply automatic fixes if possible.

yarn audit:fix

Automated (CI)

The dependencies audit procedure should be automated by leveraging tools like Dependabot, or GitHub Actions in conjunction with Snyk and similar tools.

Code scanning

Source code should be regularly checked for vulnerabilities by leveraging GitHub Actions with tools like CodeQL and similar. See more here CodeQL Action

Shell scripts

Always inspect shell scripts before executing it on your machine.

There aren’t any published security advisories