Learn coding concepts by building real projects with modern technologies

Snyk Security Review

By Lane Wagner on Jul 16, 2019

We recently integrated Snyk into boot.dev as a way to get more visibility into known vulnerabilities in boot.dev’s codebase. Snyk has already patched a critical vulnerability in lodash for us. This allowed us to continue releasing new versions before the official fix for lodash was published a few days ago.

We can’t speak to whether Snyk is a cost-effective tool for commercial applications. However, their support for the open-source community by offering free integrations is worth the few minutes it takes to install.


Their quick start page allows developers to integrate their GitHub repository, then use the command-line tool to detect and apply any patches to their code.

Snyk Badge

We added a badge to our github repo that shows in near real-time whether or not the boot.dev code contains any known vulnerabilities according to Snyk. If you are into open source and are looking for a way to keep your code secure, Snyk is a tool you should look into.

Learn to code by building real projects

Related Reading