🖌️
Product Process Documentation
  • Product Process Documentation
  • Definition of Done (DoD)
    • General checkpoints
      • Specific checkpoints by team
    • Important process: QA review & PO review
      • QA Review
      • PO Review
  • Work Items
    • Product Backlog Item (PBI)
    • Bug
      • Basic rules for creating a bug
      • How to report a Bug
    • Bugs Management
  • Code Standards
  • Different Test Levels
    • Unit Test
      • Frontend Unit Testing
        • What is a Unit Test?
        • How do I know if I am developing a good unit test?
        • AAA (Arrange, Act and Assert)
        • Overloaded test suits
        • Setup & Teardown
          • JEST Mocks
          • FakeTimers
        • Istanbul Annotations
        • C8 Annotations
        • JEST Runner (Debug unit tests with Jest)
    • Component Test
      • Frontend Component Testing
        • What is Component Testing?
        • Best practices
        • Bad practices
        • Setup
          • Sandbox
          • Mocks, Services and Providers
          • Test scenario
    • Integration Test
      • Frontend Integration Testing
        • What is a Integration Test?
        • AAA (Arrange, Act and Assert)
        • Best Practices
        • Bad practices
        • Setup & Teardown
        • How to create a scenario
          • Create the migrated app
          • Add to project
        • How to debug
        • Common problems
      • Testing Driven Development Guide and recommendations
    • Functional Test
    • Security Testing
      • Security Testing Tools
      • Frontend Security Testing
    • Performance testing
    • Best Practices
    • Test Documentation
  • Run test projects
    • General steps
    • Specific steps by team
  • DevOps
    • Pipelines
    • Builds
    • Specific information by team
    • Test plan
    • Service Hooks for Azure DevOps Notifications
      • Slack Notifications
      • Microsoft Teams Notifications
  • Dashboards
    • General
    • QA Dashboards
  • Release Process
    • General Steps
    • Specific steps by team
  • Migration Cells
    • Basics of testing process
  • Release process
  • References
Powered by GitBook
On this page
  • Build pipelines
  • Release pipelines

Was this helpful?

  1. Different Test Levels
  2. Security Testing

Frontend Security Testing

This section will explain how SCA analysis is automated in our pipelines.

PreviousSecurity Testing ToolsNextPerformance testing

Last updated 1 year ago

Was this helpful?

Build pipelines

You can see the SCA phase of each framework here:

->

Release pipelines

For each framework we have a release pipeline with a demo to perform the SCA:

  • (JsnDemo)

  • (eShop)

  • (PBDemo & PBTW)

  • (SKS[WFNetKendoComponents] & C1Demo[C1Components])

Here the process is a little bit more complex because a release pipeline does not allow to publish artifacts, instead there is a build pipeline to publish the results so we can add it to the dashboard:

->

Build pipelines:

  • (eShop)

  • (PBDemo)

  • (PBTW)

  • (JnsDemo)

  • (C1Demo)

Finally you can see the result in the in the .

Security dashboard
npm audit widget
Product.WFNet.Integration-Janus
Product.WFNet.Integration_WebForms
Product.PBNet.Integration
Product.WFNet.Integration_net6
Mobilize.WFNet.Deployment_TargetCode_eShop_WebForms
Mobilize.PBNet.Deployment_TargetCode_PBDemo
Mobilize.PBNet.Deployment_TargetCode_PBTW
Mobilize.WFNet.Deployment_TargetCode_JanusDemo
Mobilize.WFNet.Deployment_TargetCode_C1Demo_netFramework6