Skip to content
/ firstpartyselector Public

Example of using the Veracode Java API wrapper to select all first party modules.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

relaxnow/firstpartyselector

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits

.mvn/wrapper

.mvn/wrapper

 
 

src

src

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

mvnw

mvnw

 
 

mvnw.cmd

mvnw.cmd

 
 

pom.xml

pom.xml

 
 

spring-shell.log

spring-shell.log

 
 

Repository files navigation

Firstpartyselector

DO NOT USE THIS, USE scan_all_top_level_modules INSTEAD, THIS ALREADY ENSURES NO 3rd PARTY MODULES ARE SELECTED

Example project on using the API to automatically produce a scan where all first party modules are selected. Uses a published copy of verademo-dotnetcore from https://github.com/veracode/verademo-dotnetcore/tree/master/app .

Note that the 'beginscan.do' API supports 'scan_all_top_level_modules', this may however include third party modules. Veracode Static Analysis does not currently expose which modules are third party.

This example then does 2 scans:

  1. An "SCA SCAN" to get the 'detailedreport' with SCA component file_names.
  2. The actual "STATIC SCAN" where module names that match file names from the "SCA SCAN" components are ignored.

Note that the appId is hardcoded in the uploadCommand.

Running it can be done with mvn -DskipTests clean package && java -jar target/firstpartyselector-0.0.1-SNAPSHOT.jar.

About

Example of using the Veracode Java API wrapper to select all first party modules.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages