Tag

Code Scanning

Rare Earth Juejin Tech Community
Aug 29, 2023 · Information Security

Top 5 VS Code Extensions for Enhancing Code Security

This article introduces five essential Visual Studio Code extensions—1Password, Decompiler, Cloak, ESLint, and Snyk—that help developers securely manage secrets, decompile binaries, hide sensitive values, enforce safe coding standards, and automatically scan for vulnerabilities within the editor.

Cloak · Code Scanning · Password Management
0 likes · 11 min read
Efficient Ops
Mar 24, 2023 · Information Security

How ICBC Built an Enterprise‑Scale Code Scanning Center to Boost Software Security

This article describes how Industrial and Commercial Bank of China tackled rising software vulnerabilities by establishing a unified code‑scanning center, integrating static, supply‑chain, and dynamic analysis tools, standardizing rules, and delivering one‑stop services that have scanned over 3.1 billion lines of code across the bank.

Banking IT · Code Scanning · Software Security
0 likes · 7 min read
Efficient Ops
Sep 27, 2022 · Operations

How a Bank’s DevOps Team Boosted Code Quality with Unit Testing and Automation

The article details how China Construction Bank's software development center enhanced code quality and accelerated delivery by integrating unit testing, test‑driven development, mutation testing, automated test code generation, code‑style scanning, and shared template mechanisms within a mature DevOps pipeline.

Automation · Code Scanning · Mutation Testing
0 likes · 8 min read
DevOps Engineer
Nov 10, 2021 · Information Security

Guide to Using Synopsys Polaris SaaS for Static Application Security Testing (SAST)

This article explains what Synopsys Polaris is, lists the programming languages it supports, describes how to access the SaaS platform, install the CLI, configure the polaris.yml file with capture and analysis settings, and run scans to obtain detailed vulnerability reports.

Code Scanning · Polaris · SAST
0 likes · 6 min read
DevOps Cloud Academy
Nov 1, 2021 · Operations

Integrating SonarQube Code Scanning with GitLab Commit Status

This guide explains how to set up SonarQube and Sonar‑scanner for static code analysis, run the scanner with project parameters, install the Sonar‑GitLab plugin, configure commit‑status integration, and use the resulting GitLab commit status to enforce merge‑request policies based on pipeline outcomes.

CI/CD · Code Scanning · GitLab
0 likes · 3 min read
DevOps Cloud Academy
Feb 24, 2021 · Operations

Integrating SonarQube Code Scanning with GitLab Commit Status

This guide explains how to install SonarQube and Sonar‑scanner, configure scanning parameters, add the Sonar‑GitLab plugin, and use additional properties to link scan results to GitLab commit statuses, enabling pipeline‑based merge request control.

CI/CD · Code Scanning · GitLab
0 likes · 4 min read
Byte Quality Assurance Team
Dec 11, 2020 · Fundamentals

Introduction to Static Code Analysis and Common Scanning Rules with Practical Examples

This article introduces static code analysis, outlines its advantages and disadvantages, presents eight typical scanning rule categories, and demonstrates common pitfalls such as null‑pointer dereferences, logic errors, uninitialized variables, and potential overflow issues with concrete code examples.

Best Practices · C++ · Code Scanning
0 likes · 7 min read
360 Tech Engineering
Nov 12, 2019 · Information Security

Improving Product Quality through Code Vulnerability Scanning and Deep Code Search

The article explains why and when to scan product code for vulnerabilities, describes static source‑code and binary scanning methods, introduces deep code‑search techniques, outlines the system architecture and incremental indexing pipeline, and shows how these practices can substantially raise overall product quality.

Code Scanning · Sphinx · code search
0 likes · 13 min read