FEA403 - Regularly scan for known security vulnerabilities
Feature ID | FEA403 |
Subsystem the feature is part of | Regularly scan for known security vulnerabilities |
Responsible person | Mikko Partanen |
Status | Done |
Description
We run SAST, secret detection and dependency scanning on the codebase whenever new code is pushed to any branch. This is achieved with a CI script in the GitLab repo.
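A sketch of what such a CI script can look like, as an added example rather than the project's own file. It assumes the scans come from GitLab's bundled security templates and that nothing else in the pipeline restricts which branches get a pipeline.

```yaml
# .gitlab-ci.yml (added example, not the project's actual CI script)

stages:
  - test   # the bundled scanning jobs attach to the "test" stage by default

# Assumption: the three scans are provided by GitLab's bundled CI templates.
include:
  - template: Security/SAST.gitlab-ci.yml
  - template: Security/Secret-Detection.gitlab-ci.yml
  - template: Security/Dependency-Scanning.gitlab-ci.yml

# Create a pipeline for every branch, not only the default branch,
# so a push to a feature branch is scanned before it is merged.
workflow:
  rules:
    - if: $CI_COMMIT_BRANCH
```

Each scanning job writes its findings to a JSON report artifact (for example `gl-sast-report.json`), so the results of a branch push can be reviewed from that pipeline's artifacts.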
Restrictions, requirements and use cases related to this feature
All relevant issues related to or contributing to the definition of the feature are gathered here
Use Case 1 | |
Use Case 2 | |
Requirement ReqID | |
Requirement ReqID | |
Preliminary user stories
- As a developer, I want to regularly scan the codebase and dependencies for known security vulnerabilities and address them promptly. US017
User interface mock-up
Add a picture or a link here. The mock-up should be essentially related to the feature/functionality.
Testing / possible acceptance criteria
Write down some notions for testing
No testing planned.