According to the remediation, we need to fix the
PrimeFaces dependency and update it from version
Let us pretend the developer fixed it and checked it in, coming back into the pipeline. This is done by changing.
Run this command to copy over our fixed version in the lab:
cp modules/snyk/pom.xml modules/containerize-application/app/
git commit -am "Fix vulnerable open source dep."
git push -f codecommit master
This time check
Code Builder and we see it succeeded.
Tested 37 dependencies for known vulnerabilities, no vulnerable paths found.Next steps:- Run `snyk monitor` to be notified about new related vulnerabilities.
The vulnerability is fixed and the build succeeded!
Next, we also see Snyk successfully scanned the
Docker Image and there were no package dependency issues with our Docker container!
Container] 2018/11/09 03:54:14 Running command $PWDUTILS/snyk test --docker $REPOSITORY_URI:latestTesting 300326902600.dkr.ecr.us-west-2.amazonaws.com/petstore_frontend:latest...Organisation: sample-integrationsPackage manager: rpmDocker image: 300326902600.dkr.ecr.us-west-2.amazonaws.com/petstore_frontend:latest✓ Tested 190 dependencies for known vulnerabilities, no vulnerable paths found.