Additional scanning #681
Additional scanning #681
Conversation
.github/workflows/scan.yml
Outdated
| -Dsonar.sources=Bitwarden/,BitwardenActionExtension/,BitwardenAutoFillExtension/,BitwardenShared/,BitwardenShareExtension/,BitwardenWatchApp/,BitwardenWatchShared/,Configs/,Networking/Sources/,Scripts/ | ||
| -Dsonar.tests=GlobalTestHelpers/,Networking/Tests/ |
There was a problem hiding this comment.
ℹ️ Double-check these paths for me.
There was a problem hiding this comment.
If I'm reading that correctly, it's going to include tests in the sonar.sources, since test files are alongside the non-test files. Is that what we want?
There was a problem hiding this comment.
No, it's not. I see the different design now vs. the authenticator app. Lemme fix.
There was a problem hiding this comment.
Pushed an update.
There was a problem hiding this comment.
I brought it up with the Authenticator app, too, but it might've gotten lost. Changes we make here on that should be brought over to the Authenticator app, too, since they both have the test files alongside the source files
There was a problem hiding this comment.
This will need to merge to test it, but I can take a look here and complete testing, then apply over at that other repo.
There was a problem hiding this comment.
|
No New Or Fixed Issues Found |
Bitwarden code coverageTotal coverage:
|
🎟️ Tracking
Internal change.
📔 Objective
Sets up SARIF output for Checkmarx scans so we can see results in GitHub and adds SonarCloud.
⏰ Reminders before review
🦮 Reviewer guidelines
:+1:) or similar for great changes:memo:) or ℹ️ (:information_source:) for notes or general info:question:) for questions:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion:art:) for suggestions / improvements:x:) or:warning:) for more significant problems or concerns needing attention:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt:pick:) for minor or nitpick changes