Automate Notifying Slack when Snyk Discovers a High or Critical Vulnerability

[halprin]

DevEx/OpEx

Write now, @halprin (and maybe others?) get a weekly e-mail of any existing dependency vulnerabilities (via SCA scanning). We should not depend on that. When a new high or critical vulnerability is discovered, let's have Snyk automatically notify our Slack alert channels so we hop on a fix ASAP.

Tasks

• Wait until we have our CDC Snyk account
• Integrate Snyk with Slack
  • Request permission from Slack app manager
  • Set up to notifications for alerts channel (Filter Snyk notifications to be high or critical vulnerability only)

Additional Context

Add any other context or screenshots about the work here.

[pluckyswan]

@halprin See slack thread for question.