Allows for calling and viewing results of Veracode pipeline scans on Visual Studio.
Requires a Veracode Static Analysis license.
You can send questions and feedback in the Q&A section.
Instructions:
- Java installed
- A Veracode SAST subscription
Instructions:
- After installing the extensions, you should have, under Tools->Options... a Veracode - Pipeline Scan option.
- The Global Options contain your authentication configuration, the Scan Fail Criteria, and the proxy configuration.
- Project Options lets you set up project-specific configuration, like the build command and the file to scan.
- To start a scan, call Tools->Veracode - Start Pipeline Scan.
- The results will show up once the scan is completed.
- In case of error, the popup window (non-blocking) will contain the error found.
- For more detailed error output, you can enable verbose logging mode under Project Settings.
| |