In this project, we prioritize security and code quality by employing several tools and practices to ensure robustness and maintainability.
We utilize SonarLint as our primary linter to enforce code style conventions and identify potential issues in our codebase. SonarLint not only provides clean code tips but also offers security analysis, thereby enhancing our code quality and security posture.
[Screenshot: SonarLint providing clean code tips]
For static application security testing and software composition analysis, we rely on Snyk. Snyk is integrated into our continuous integration pipeline, running on every commit pushed to GitHub. It helps us identify and address code vulnerabilities promptly, ensuring the integrity and security of our application.
As a final security measure, we conduct a ZAP Automated Scan on our frontend. This scan helps us identify any potential security vulnerabilities in our application. During our last scan, we received only a single warning, which we promptly investigated. Upon review, we found no cloud metadata that could be exploited for a potential attack, ensuring the robustness of our application.
To access our application, please use the following login credentials:
- Username: admin@gmail.com
- Password: admin123
In the development of our frontend and backend systems, we have adhered strictly to industry-standard best practices to ensure the highest levels of security and resilience against various types of cyber threats.
We used GitHub Issues to document tasks and progress on our work.