Azure Devops – OSS Scanning using WhiteSource

Posted by

Its about time your AzureDevops builds were scanning for OSS vulnerabilities, well your in luck as you can use this Marketplace Extension which is FREE: –

One you add the extension to your Organization you can add it into your build like so:-

This will scan your oss code and give you a detailed report on any vulnerabilities within your Azure Devops repository – #winning.

I have added it to a build I have and here is a sample of the report which you’ll see produced once you’ve added it into the build step.

The report looks like this: –

And below this you’ll see the following: –

An you’ll also see this: –

And this:-

Now you’ll get a report on open source vulnerabilities in your builds 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s