-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configure WhiteSource Bolt for GitHub #90
Conversation
Hard-Coded Secrets (323)node/deps/openssl/openssl/apps/apps.c Line 2518 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 435 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 438 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 452 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 470 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 473 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 486 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 538 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 541 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 545 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 555 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 575 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 576 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 579 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 580 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 584 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 594 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 595 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 617 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 618 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 619 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 622 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 623 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 624 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 628 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 629 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 639 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 640 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 641 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 977 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 978 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 992 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 993 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 994 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1009 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1010 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1024 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1025 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1026 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1041 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1042 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1056 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1057 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1058 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1073 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1074 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1088 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1089 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1090 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1105 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1106 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1120 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1121 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1122 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1330 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1331 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1332 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1333 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1334 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1336 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1344 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1345 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1346 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1347 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1348 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1349 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1350 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1358 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1359 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1360 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1361 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1362 in 9030419
node/deps/openssl/openssl/crypto/ec/ectest.c Line 1364 in 9030419
node/deps/openssl/openssl/ssl/ssltest.c Line 637 in 9030419
Line 10 in 9030419
Line 36 in 9030419
node/deps/v8/benchmarks/crypto.js Line 1668 in 9030419
node/deps/v8/benchmarks/crypto.js Line 1670 in 9030419
node/deps/v8/benchmarks/crypto.js Line 1671 in 9030419
node/deps/v8/benchmarks/crypto.js Line 1672 in 9030419
node/deps/v8/benchmarks/crypto.js Line 1673 in 9030419
node/deps/v8/benchmarks/crypto.js Line 1674 in 9030419
node/deps/v8/benchmarks/crypto.js Line 1675 in 9030419
node/deps/v8/benchmarks/earley-boyer.js Line 506 in 9030419
node/deps/v8/benchmarks/regexp.js Line 197 in 9030419
node/deps/v8/tools/SourceMap.js Line 78 in 9030419
node/deps/v8/tools/fuzz-harness.sh Line 36 in 9030419
https://github.com/turkdevops/node/blob/90304199c7e16ed46aa15e8c6af839cfc95166c2/deps/v8/tools/profviz/gnuplot-4.6.3-emscripten.js#L4095 Line 227 in 9030419
Line 432 in 9030419
Line 719 in 9030419
node/test/fixtures/keys/ec-key.pem Line 4 in 9030419
node/deps/openssl/openssl/apps/client.pem Line 26 in 9030419
node/test/fixtures/test_key.pem Line 1 in 9030419
node/test/fixtures/pass-key.pem Line 1 in 9030419
Line 1 in 9030419
Line 21 in 9030419
node/test/fixtures/foafssl.key Line 5 in 9030419
node/test/simple/test-tls-econnreset.js Line 55 in 9030419
node/test/simple/test-crypto.js Line 1173 in 9030419
node/deps/openssl/openssl/demos/sign/sig.txt Line 148 in 9030419
node/deps/openssl/openssl/apps/server.pem Line 26 in 9030419
node/deps/openssl/openssl/doc/apps/dsa.pod Line 129 in 9030419
node/deps/openssl/openssl/doc/apps/rsa.pod Line 146 in 9030419
node/deps/openssl/openssl/doc/apps/ec.pod Line 144 in 9030419
node/deps/openssl/openssl/doc/apps/pkcs8.pod Line 145 in 9030419
node/deps/openssl/openssl/doc/crypto/pem.pod Line 440 in 9030419
node/deps/openssl/openssl/ms/keyU.ss Line 1 in 9030419
node/deps/openssl/openssl/ms/keyCA.ss Line 1 in 9030419
Line 270 in 9030419
Line 272 in 9030419
Line 352 in 9030419
Line 353 in 9030419
Line 426 in 9030419
Line 427 in 9030419
Line 629 in 9030419
Line 636 in 9030419
Line 733 in 9030419
Line 739 in 9030419
Line 744 in 9030419
Line 751 in 9030419
Line 766 in 9030419
Line 772 in 9030419
Line 788 in 9030419
Line 795 in 9030419
Line 1018 in 9030419
Line 1019 in 9030419
Line 1025 in 9030419
Line 1026 in 9030419
Line 1485 in 9030419
Line 1486 in 9030419
Line 1487 in 9030419
Line 898 in 9030419
Line 907 in 9030419
node/deps/npm/test/tap/outdated-git.js Line 21 in 9030419
Line 12 in 9030419
Line 16 in 9030419
More info on how to fix Hard-Coded Secrets in General and Python. Insecure Use of Language/Framework API (311)node/benchmark/buffers/buffer-compare.js Line 32 in 9030419
node/benchmark/buffers/buffer-compare.js Line 33 in 9030419
node/benchmark/crypto/cipher-stream.js Line 50 in 9030419
Line 19 in 9030419
node/benchmark/http/chunked.js Line 21 in 9030419
node/benchmark/http/end-vs-write-end.js Line 26 in 9030419
Line 53 in 9030419
node/benchmark/http_simple_auto.js Line 48 in 9030419
Line 28 in 9030419
Line 25 in 9030419
node/benchmark/net/net-pipe.js Line 25 in 9030419
Line 25 in 9030419
node/benchmark/net/tcp-raw-c2s.js Line 79 in 9030419
node/benchmark/net/tcp-raw-pipe.js Line 76 in 9030419
node/benchmark/net/tcp-raw-s2c.js Line 51 in 9030419
node/benchmark/tls/throughput.js Line 25 in 9030419
Line 115 in 9030419
Line 87 in 9030419
Line 144 in 9030419
Line 925 in 9030419
Line 203 in 9030419
Line 6 in 9030419
node/deps/npm/node_modules/request/node_modules/hawk/node_modules/hoek/lib/escape.js Line 60 in 9030419
node/deps/npm/node_modules/request/node_modules/hawk/node_modules/hoek/lib/escape.js Line 76 in 9030419
node/deps/npm/node_modules/request/node_modules/hawk/node_modules/hoek/lib/index.js Line 37 in 9030419
node/deps/npm/node_modules/request/node_modules/hawk/node_modules/hoek/lib/index.js Line 485 in 9030419
node/deps/npm/node_modules/request/node_modules/hawk/node_modules/hoek/lib/index.js Line 500 in 9030419
node/deps/npm/node_modules/request/node_modules/hawk/node_modules/hoek/test/index.js Line 189 in 9030419
node/deps/npm/node_modules/request/node_modules/hawk/node_modules/hoek/test/index.js Line 190 in 9030419
node/deps/npm/node_modules/request/node_modules/hawk/node_modules/sntp/test/index.js Line 124 in 9030419
node/deps/npm/node_modules/request/node_modules/http-signature/node_modules/asn1/lib/ber/writer.js Line 45 in 9030419
node/deps/npm/node_modules/request/node_modules/http-signature/node_modules/asn1/lib/ber/writer.js Line 305 in 9030419
Line 29 in 9030419
Line 37 in 9030419
Line 46 in 9030419
Line 55 in 9030419
Line 64 in 9030419
Line 73 in 9030419
Line 82 in 9030419
Line 91 in 9030419
Line 101 in 9030419
Line 114 in 9030419
Line 147 in 9030419
Line 291 in 9030419
node/deps/npm/node_modules/request/node_modules/http-signature/node_modules/ctype/ctype.js Line 142 in 9030419
node/deps/npm/node_modules/request/request.js Line 441 in 9030419
node/deps/npm/node_modules/request/request.js Line 1256 in 9030419
node/deps/npm/node_modules/request/request.js Line 1257 in 9030419
node/deps/npm/node_modules/request/request.js Line 1260 in 9030419
node/deps/npm/node_modules/sha/node_modules/readable-stream/lib/_stream_readable.js Line 144 in 9030419
node/deps/npm/node_modules/sha/node_modules/readable-stream/lib/_stream_readable.js Line 925 in 9030419
node/deps/npm/node_modules/sha/node_modules/readable-stream/lib/_stream_writable.js Line 203 in 9030419
node/deps/npm/node_modules/tar/test/header.js Line 136 in 9030419
node/deps/npm/node_modules/tar/test/header.js Line 149 in 9030419
node/deps/npm/node_modules/tar/test/header.js Line 179 in 9030419
Line 125 in 9030419
Line 115 in 9030419
Line 120 in 9030419
Line 867 in 9030419
Line 237 in 9030419
Line 46 in 9030419
Line 472 in 9030419
Line 695 in 9030419
Line 50 in 9030419
Line 199 in 9030419
Line 1282 in 9030419
Line 51 in 9030419
Line 260 in 9030419
Line 249 in 9030419
Line 333 in 9030419
Line 468 in 9030419
Line 499 in 9030419
Line 981 in 9030419
Line 1003 in 9030419
Line 1449 in 9030419
Line 1755 in 9030419
Line 716 in 9030419
Line 43 in 9030419
Line 59 in 9030419
Line 233 in 9030419
Line 383 in 9030419
Line 580 in 9030419
node/test/disabled/test-fs-largefile.js Line 36 in 9030419
node/test/disabled/test-fs-largefile.js Line 38 in 9030419
node/test/fixtures/GH-892-request.js Line 46 in 9030419
node/test/pummel/test-buffer-big.js Line 26 in 9030419
node/test/pummel/test-https-no-reader.js Line 39 in 9030419
node/test/pummel/test-regress-GH-814.js Line 25 in 9030419
node/test/pummel/test-regress-GH-814.js Line 65 in 9030419
node/test/pummel/test-regress-GH-814_2.js Line 73 in 9030419
node/test/pummel/test-regress-GH-814_2.js Line 99 in 9030419
node/test/pummel/test-stream2-basic.js Line 32 in 9030419
node/test/simple/test-buffer-slice.js Line 27 in 9030419
node/test/simple/test-buffer.js Line 364 in 9030419
node/test/simple/test-buffer.js Line 369 in 9030419
node/test/simple/test-buffer.js Line 373 in 9030419
node/test/simple/test-buffer.js Line 377 in 9030419
node/test/simple/test-buffer.js Line 382 in 9030419
node/test/simple/test-buffer.js Line 386 in 9030419
node/test/simple/test-buffer.js Line 389 in 9030419
node/test/simple/test-buffer.js Line 394 in 9030419
node/test/simple/test-buffer.js Line 403 in 9030419
node/test/simple/test-buffer.js Line 404 in 9030419
node/test/simple/test-buffer.js Line 406 in 9030419
node/test/simple/test-buffer.js Line 407 in 9030419
node/test/simple/test-buffer.js Line 432 in 9030419
node/test/simple/test-buffer.js Line 454 in 9030419
node/test/simple/test-buffer.js Line 465 in 9030419
node/test/simple/test-buffer.js Line 569 in 9030419
node/test/simple/test-buffer.js Line 622 in 9030419
node/test/simple/test-buffer.js Line 629 in 9030419
node/test/simple/test-buffer.js Line 639 in 9030419
node/test/simple/test-buffer.js Line 812 in 9030419
node/test/simple/test-buffer.js Line 875 in 9030419
node/test/simple/test-buffer.js Line 885 in 9030419
node/test/simple/test-buffer.js Line 948 in 9030419
node/test/simple/test-buffer.js Line 954 in 9030419
node/test/simple/test-buffer.js Line 974 in 9030419
node/test/simple/test-buffer.js Line 991 in 9030419
node/test/simple/test-buffer.js Line 1125 in 9030419
Insecure File Management (978)Insecure Use of Dangerous Function (591)Information Disclosure (866)Insecure Use of Regular Expressions (323)Insecure Use of Crypto (48)Vulnerable Libraries (1)Insecure Processing of Data (20)Insecure Use of SQL Queries (1)Insecure Network Communication (3)👉 Go to the dashboard for detailed results. 📥 Happy? Share your feedback with us. |
Welcome to WhiteSource Bolt for GitHub! This is an onboarding PR to help you understand and configure settings before WhiteSource starts scanning your repository for security vulnerabilities.
🚦 WhiteSource Bolt for GitHub will start scanning your repository only once you merge this Pull Request. To disable WhiteSource Bolt for GitHub, simply close this Pull Request.
What to Expect
This PR contains a '.whitesource' configuration file which can be customized to your needs. If no changes were applied to this file, WhiteSource Bolt for GitHub will use the default configuration.
Before merging this PR, Make sure the Issues tab is enabled. Once you merge this PR, WhiteSource Bolt for GitHub will scan your repository and create a GitHub Issue for every vulnerability detected in your repository.
If you do not want a GitHub Issue to be created for each detected vulnerability, you can edit the '.whitesource' file and set the 'minSeverityLevel' parameter to 'NONE'.
❓ Got questions? Check out WhiteSource Bolt for GitHub docs.
If you need any further assistance then you can also request help here.