Verify that your code is fixed
Install the CI Agent to break the build
Alert: The Docker tag new for the agent image was removed on 11/07/2024. If you currently use this tag, please switch to latest to preserve support and avoid disruption. You can use the CI Agent on any x86_64 machine on which Docker is installed. ...
Break the build
Now you can ignore vulnerabilities found with SCA when breaking the build. Read about the new --inherited argument. Fluid Attacks offers an automated security measure for your CI/CD pipeline to prevent builds with vulnerabilities from passing. ...
Verify whether a fix was successful
As part of vulnerability management, you should reassess the code after a fix attempt. This is because a fix can introduce further vulnerabilities or be no fix at all for the original vulnerability. Read the section Fix your code to understand ...