FEA403 - Regularly scan for known security vulnerabilities
| Feature ID | FEA403 |
| Subsystem the feature is part of | Regularly scan for known security vulnerabilities |
| Responsible person | Mikko Partanen |
| Status | Done |
Description
We run SAST, secret detection and dependency scanning in the codebase whenever new code is pushed to any branch. This is achieved with a CI script in the GitLab repo.
Restrictions, requirements and use cases related to this feature
All relevant issues related to or contributing to the definition of the feature are gathered here
| Use Case 1 | |
| Use Case 2 | |
| Requirement ReqID | |
| Requirement ReqID |
Preliminary user stories
- As a developer, I want to regularly scan the codebase and dependencies for known security vulnerabilities and address them promptly. US017
User interface mock-up
Add a picture or a link here. The mock-up should be essentially related to the feature/functionality.
Testing / possible acceptance criteria
Write down some notions for testing
No testing planned.