CSTI alpha active scan rule #7470
Great job! No new security vulnerabilities introduced in this pull request.
Use @Checkmarx to interact with Checkmarx PR Assistant. |
|
A few quick observations.
|
Also use imports instead of fully qualified class access, ex: |
|
Understandable, thank you very much for your remarks. |
|
That's just quick hits, it'll need a much more detailed review. I just wanted to give you something to move along over the weekend if you choose to. The others probably won't reply until the work week, and even then it'll depend on workload/priorities. Thanks for your interest and tackling this!! |
|
If you don't mind I will open a new draft PR from another branch when I finish tackling all the given remarks, only this time ofc. This just makes it easier for me. |
|
You can always work in a different local branch, then delete this one locally (when you're sure), recreate it locally from the branch you've cleaned up and push to the same branch as this PR. (Force push) So like call this |
7397f9d to 09df9a0
Co-authored-by: Beraoud Abdelkhalek <89158254+beraoudabdelkhalek@users.noreply.github.com>

This is a draft PR to gather feedback from the team. I think I've implemented the core functions of this alpha rule.
For an overview, check my blog post: https://nabilkara.github.io/posts/tools/csti-zap/