Codacy provides a Security Monitor, a summarised view that lets you quickly see all the security alerts at once.
Currently, the Security Monitor is only available for:
- Ruby (since 10/Jan/2017)
- Scala (since 10/Jan/2017)
- Python (since 02/Feb/2017)
- Java (since 02/Feb/2017, only for Enterprise version)
Our security monitor is built using the security patterns from:
Each security category listed on the left side can be in one of 4 states:
- If there is any security issue in that category, the category has problems, and a red cross is shown on the left.
- Yellow indicates that you need to enable the pattern for the category to be verified. You can also enable all patterns.
- If Codacy cannot be sure that you have all the corresponding security category patterns enabled, a blue info icon is shown on the left. This happens if you are using a configuration file, or if you are using our UI to select the patterns but not all the category patterns are enabled.
- If you have all the category patterns enabled and no issues have been found, everything is OK, and a green check is shown.