  1. Red Hat OpenShift Data Science
  2. RHODS-2544

[Spike] Check for code vulnerability


    • Type: Task
    • Resolution: Done
    • Priority: Normal
    • RHOSi 1.9

      We can enhance our CI by performing automatic reviews with static analysis of code to detect bugs, code quality issues, and security vulnerabilities in our private downstream and upstream code.

      • Discuss the tool, or a better tool, to use
      • SonarQube (open source). We have a Jenkins plugin as well
      • No built-in support for Robot Framework, but it could be added using:
        • Adding Coding Rules
        • Importing Third-Party Issues
      • Explore Semgrep
      • Discuss how we can implement it
      • How we can apply it to our Python, Robot, shell scripts, etc.

              takumar@redhat.com Tarun Kumar