FEA404 - Enforce Secure Coding Practices
| Test Case ID | TC003 |
| Test case designer | Eetu Hyyrynen |
| Creation date | 23.02.2024 |
| Classification | functional / accessibility / security |
| Origin | Feature |
Test description / objective
Version 1.2 Ensure the application's source code, dependencies, and repository adhere to best security practices.
Pre-state
Tukko in virtual machine is accessible and running. My team has configured sast, secret detection and depency scanning.
Test Steps
| Step | Verify | Some notes |
|---|---|---|
| 1. | Open Vulnerability report on github | Have any of these programs detected vulnerabilities? |
| 2. | Try to push a new file through | |
| 3. | See if the programmes are running and examining the file |
End-State
All security programs have completed their scans, and results are available.
Determination of test result (Pass / Fail Criteria)
- PASS condition: All security programs run successfully.
- FAIL CONDITION: Any of the security programs fail to run.
