📒
nx-ng-starter
  • Contributor Covenant Code of Conduct
  • Contributing to this repository
  • Nx Ng Starter
  • Security
  • Support
  • Tools
    • diagrams
      • branching
      • pr-validation-pipeline
      • trunk-on-push-pipeline
    • tools/shell
    • tools/ts
      • Unit Coverage Stats
    • generators
      • client-feature
        • <%= name %>
      • client-store
        • <%= name %>
      • client-ui
        • <%= name %>
      • client-util
        • <%= name %>
  • .github
    • ISSUE_TEMPLATE
      • bug_report
    • ISSUE_TEMPLATE
      • feature_request
    • ISSUE_TEMPLATE
      • maintenance
  • Libraries
    • backend-auth
    • backend-diagnostics
    • backend-gql
    • backend-grpc
    • backend-interfaces
    • backend-logger
    • backend-websocket
    • client-chatbot
    • client-core-components
    • client-core
    • Angular D3 Chart Components Module
    • client-diagnostics
    • client-directives
    • client-gql
    • client-grpc
    • client-material
    • client-pwa-offline
    • client-services
    • client-sidebar
    • client-store-chatbot
    • client-store-http-api
    • client-store-http-progress
    • client-store-sidebar
    • client-store-theme
    • client-store-user
    • client-store-websocket
    • client-store
    • client-translate
    • client-unit-testing
    • Angular Eliza Chatbot Module
    • client-util-sentry
    • client-util
    • proto
Powered by GitBook
On this page
  • Dependencies audit
  • Manual (local)
  • Automated (CI)
  • Code scanning
  • Shell scripts

Was this helpful?

Security

PreviousNx Ng StarterNextSupport

Last updated 2 years ago

Was this helpful?

Dependencies audit

From time to time it's reasonable to audit dependencies for security issues and fix found issues.

Manual (local)

Use the following command to perform audit check and apply automatic fixes if possible.

yarn audit:fix

Automated (CI)

The dependencies audit procedure should be automated by leveraging tools like , or in conjunction with and similar tools.

Code scanning

Source code should be regularly checked for vulnerabilities by leveraging with tools like and similar. See more here

Shell scripts

Always inspect shell scripts before executing it on your machine.

Dependabot
GitHub Actions
Snyk
GitHub Actions
CodeQL
CodeQL Action