All project code hosted on SHIP-HATS 2.0 GitLab is transparently onboarded to XCA.
XCA runs when new code is committed directly to the default branch, or when a Merge Request is completed; it then scans the changed files in the default branch.
To access XCA findings:
When new code is committed to the default branch: Following the scan’s completion, any identified findings will be accessible on the project’s Security & Compliance > Vulnerability Report page. XCA findings are marked as “XCA” under the Identifier and Tool columns.
XCA
A Set of Custom Rules That Detect Repeated Vulnerabilities in Code