#167 — Add vulnerabilities scanning into CI

Repo: Twill-AI/facade State: open | Status: open Assignee: Unassigned

Created: 2024-10-25 · Updated: 2025-09-15

Description

Triggered by the security evaluation at https://twillpayments.atlassian.net/wiki/spaces/TD/pages/153092112/Evaluation+of+Security+Aspects

Consider enabling Dependabot in GitHub; @meliascosta has already added it to most repos (https://twill-network.slack.com/archives/C078KS0R05B/p1730410321751839). Snyk was also strongly recommended by James Reynolds.

AC:

  • When merging to the “main” branch, CI scans the code for known vulnerabilities and fails the build if any are found. Scanning covers:
    • Python packages (Poetry lockfile level)
    • container packages (Docker image level)
  • The “main” branch CI passes the scan, i.e. the currently known vulnerabilities have been addressed before the gate is enforced.
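One way to implement the gate described in the acceptance criteria, as an added example and not code from Twill-AI/facade: a script run in the main-branch CI job that reads a pip-audit report (Poetry-exported Python dependencies) and a Trivy report (Docker image packages), applies a severity threshold and a time-boxed allowlist, and exits non-zero so the build fails. The ticket names Dependabot and Snyk; the choice of pip-audit and Trivy, the file names, the image tag, the `HIGH` threshold and the allowlist format are all assumptions. The sample reports at the bottom are constructed and use placeholder identifiers, not real advisories.

```python
"""Vulnerability gate for the main-branch CI job (example, not facade code).

Assumed invocation; the flags are real pip-audit/Trivy flags, the file names
and image tag are assumptions (Poetry 2 needs the export plugin installed):

    poetry export -f requirements.txt --without-hashes -o requirements.txt
    pip-audit -r requirements.txt -f json -o pip-audit.json
    trivy image --format json --output trivy.json facade:${GITHUB_SHA}
    python ci_vuln_gate.py pip-audit.json trivy.json   # non-zero exit fails the build
"""
import json
import sys
from dataclasses import dataclass
from datetime import date

# Trivy's own severity labels, ordered so a threshold can be applied.
SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}
FAIL_AT = "HIGH"  # assumption: HIGH and CRITICAL container findings block the merge


@dataclass(frozen=True)
class Finding:
    source: str     # "pip-audit" or "trivy"
    vuln_id: str
    package: str
    installed: str
    fixed: str      # empty when no fixed version is known
    severity: str   # pip-audit reports no severity, so its findings are "UNKNOWN"


def findings_from_pip_audit(report: dict) -> list[Finding]:
    """Flatten `pip-audit -f json` output: one Finding per (package, vuln)."""
    return [
        Finding("pip-audit", v["id"], dep["name"], dep["version"],
                ",".join(v.get("fix_versions", [])), "UNKNOWN")
        for dep in report.get("dependencies", [])
        for v in dep.get("vulns", [])
    ]


def findings_from_trivy(report: dict) -> list[Finding]:
    """Flatten `trivy image --format json` output. Trivy can emit null (or omit
    the key) for targets with no findings, hence the `or []` guards."""
    return [
        Finding("trivy", v["VulnerabilityID"], v["PkgName"], v.get("InstalledVersion", ""),
                v.get("FixedVersion", ""), v.get("Severity", "UNKNOWN"))
        for result in report.get("Results") or []
        for v in result.get("Vulnerabilities") or []
    ]


def _as_date(today) -> date:
    return date.fromisoformat(today) if isinstance(today, str) else today


def is_allowlisted(finding: Finding, allowlist: dict, today) -> bool:
    """Accepted-risk entries need a reason and an expiry date. Once expired,
    the finding blocks again, so the exception has to be consciously renewed."""
    entry = allowlist.get(finding.vuln_id)
    return entry is not None and date.fromisoformat(entry["expires"]) >= _as_date(today)


def blocking_findings(findings, allowlist, today, fail_at=FAIL_AT) -> list[Finding]:
    """Return the findings that must fail the build."""
    blocking = []
    for f in findings:
        if is_allowlisted(f, allowlist, today):
            continue
        # pip-audit gives no severity, so every un-allowlisted match blocks;
        # container findings block from the threshold upward.
        if f.source == "pip-audit" or SEVERITY_RANK.get(f.severity, 0) >= SEVERITY_RANK[fail_at]:
            blocking.append(f)
    return blocking


def run_gate(pip_report: dict, trivy_report: dict, allowlist: dict, today) -> int:
    """Exit status for CI: 0 when nothing blocks, 1 otherwise, one line per blocker."""
    findings = findings_from_pip_audit(pip_report) + findings_from_trivy(trivy_report)
    blocking = blocking_findings(findings, allowlist, today)
    for f in blocking:
        fix = f"fix: {f.fixed}" if f.fixed else "no fix available"
        print(f"BLOCK [{f.source}] {f.vuln_id} {f.package}=={f.installed} ({f.severity}; {fix})")
    print(f"{len(findings)} findings, {len(blocking)} blocking")
    return 1 if blocking else 0


# Constructed sample reports with placeholder identifiers (not real advisories),
# shaped like real pip-audit and Trivy JSON output.
PIP_AUDIT_SAMPLE = {"dependencies": [
    {"name": "examplepkg", "version": "1.0.0",
     "vulns": [{"id": "PYSEC-0000-EXAMPLE", "fix_versions": ["1.0.1"], "aliases": [], "description": "constructed"}]},
    {"name": "cleanpkg", "version": "2.0.0", "vulns": []}], "fixes": []}
TRIVY_SAMPLE = {"Results": [
    {"Target": "facade:example (debian 12)", "Vulnerabilities": [
        {"VulnerabilityID": "CVE-0000-00001", "PkgName": "libexample", "InstalledVersion": "1.2-1", "FixedVersion": "1.2-2", "Severity": "CRITICAL"},
        {"VulnerabilityID": "CVE-0000-00002", "PkgName": "libother", "InstalledVersion": "3.0-1", "FixedVersion": "", "Severity": "LOW"}]},
    {"Target": "Python", "Vulnerabilities": None}]}
# Time-boxed, documented exception for one container finding (constructed).
ALLOWLIST_SAMPLE = {"CVE-0000-00001": {"reason": "constructed: base image bump scheduled", "expires": "2025-12-31"}}

if __name__ == "__main__":
    if len(sys.argv) == 3:  # real reports written by the CI job
        with open(sys.argv[1]) as p, open(sys.argv[2]) as t:
            sys.exit(run_gate(json.load(p), json.load(t), ALLOWLIST_SAMPLE, date.today()))
    sys.exit(run_gate(PIP_AUDIT_SAMPLE, TRIVY_SAMPLE, ALLOWLIST_SAMPLE, "2025-09-15"))
```

Run without arguments it evaluates the constructed samples: the Python finding blocks, the CRITICAL container finding is suppressed by its dated allowlist entry, and the LOW finding sits under the threshold, so the gate exits 1 for the Python dependency alone. The allowlist is what makes the second acceptance criterion achievable without silently ignoring findings: main can be green while a fix is scheduled, but the entry expires and the build goes red again if nobody follows up. The allowlist should live in the repo and be reviewed like code, since an unreviewed edit to it is the easiest way to bypass the gate.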

Notes
