Frontend Security Testing

This section will explain how SCA analysis is automated in our pipelines.

Build pipelines

You can see the SCA phase of each framework here:

Release pipelines

For each framework we have a release pipeline with a demo to perform the SCA:

Product.WFNet.Integration-Janus (JsnDemo)
Product.WFNet.Integration_WebForms (eShop)
Product.PBNet.Integration (PBDemo & PBTW)
Product.WFNet.Integration_net6 (SKS[WFNetKendoComponents] & C1Demo[C1Components])

Here the process is a little bit more complex because a release pipeline does not allow to publish artifacts, instead there is a build pipeline to publish the results so we can add it to the dashboard:

Build pipelines:

Mobilize.WFNet.Deployment_TargetCode_eShop_WebForms (eShop)
Mobilize.PBNet.Deployment_TargetCode_PBDemo (PBDemo)
Mobilize.PBNet.Deployment_TargetCode_PBTW (PBTW)
Mobilize.WFNet.Deployment_TargetCode_JanusDemo (JnsDemo)
Mobilize.WFNet.Deployment_TargetCode_C1Demo_netFramework6 (C1Demo)

Finally you can see the result in the Security dashboard in the npm audit widget.

PreviousSecurity Testing Tools NextPerformance testing

Last updated 1 year ago