Look for a
lock () or https:// as an added precaution. Share sensitive
information only on official, secure websites.
All project code hosted on SHIP-HATS 2.0 GitLab are transparently onboarded to XCA.
XCA CI runs in two situations:
- When a Merge Request is created: Scan changed files in the Merge Request.
- When new code is committed to the default branch: Scan all files on the default branch.
To access XCA findings:
- When a Merge Request is created: Wait for the job to complete and check the security scanning Merge Request widget.
Fig 1: A screenshot of the Merge Request. - When new code is committed to the default branch: Wait for the job to complete and check the project’s Security & Compliance > Vulnerability Report page. XCA findings are marked as “XCA” under the Identifier and Tool columns.
Fig 2: A screenshot of the XCA findings on the Vulnerability Report page.
Last updated 06 March 2023
Thanks for letting us know that this page is useful for you!
If you've got a moment, please tell us what we did right so that we can do more of it.
Did this page help you? - No
Thanks for letting us know that this page still needs work to be done.
If you've got a moment, please tell us how we can make this page better.