In this short note, I’ll show how you can continuously monitor dependency vulnerabilities in your project with Snyk.
So what’s Snyk? Snyk is a service that lets you detect and monitor vulnerabilities in projects, and it supports various platforms. For some reason, setting up scanning for .NET projects is almost undocumented, so let’s set up the scanning ourselves.
The latest version of SonarQube introduced a fantastic new feature, so-called external analyzers. A quote from the official site: