2022-04-28 Confluence Server 7.13.0 - 7.20.x Confluence Data Center 7.13.0 - 7.20.x
[AC-34] automated Static application security testing (SAST) in CI Server
[AC-35] automated Software Composition Analysis (SCA) in CI Server + Dependency Upgrades
[AC-36] Confluence 7.18, 7.19 and 7.20 Compatibility
We worked really hard to implement automated Software Composition Analysis (SCA) and Static Application Security Testing (SAST) in our CI environment. We use snyk.io, as suggested by Atlassian.
We have checked all backend and frontend dependencies as part of the SCA scanning and upgraded all dependencies to the latest possible version.
Furthermore, the frontend and backend code has been scanned with the SAST scanner, and no findings were reported.
Lastly, the SCA and SAST scanning now takes place as an automated step of our release process. This ensures, for example, that the app uses no vulnerable dependencies and that the source code contains no hardcoded secrets.
The SCA and SAST scanning makes our app even more secure and trustworthy, in addition to our extensive end-to-end, REST API and unit test suite.