Branch Scan Configurations

Branch Scan Configurations allow specific actions to happen within SOOS based on the name of the branch. For accounts that are integrated with GitHub or CI/CD build systems, this is a powerful way to filter which branches should be scanned, which should perform automatic daily rescans, which to collect statistics for, and when to purge scans.

All Branch Scan Filters include main and master by default. Removing the default branches displays the (*) wildcard, which ensures that all branches are scanned and that the other associated settings are applied to all branches. Wildcards are also supported within branch names/paths.

The presence of a Branch Scan Filter means that branch(es) matching that filter will be scanned. If you only define main as a filter, then only the main branch will ever be scanned (all other branches will be ignored).

Scans will always run if a branch name is omitted.

Branch scan filter configurations


Daily Rescan

Daily Rescan will ensure that any branches matching this branch filter will run at least one daily scan. If activity occurs within the branch, such as code changes that trigger a scan, or a manual Rescan action from the SOOS UI, then no daily rescan will run that day.

Collect Statistics

Disabling Collect Statistics will allow scans to run for the specified branch filter, but the high-level statistics will not show on any of the Dashboards and will not roll up to the Organization Management Dashboards. Additionally, packages and issues from these scans will not be included in the Search index.

For example, you may want to uncheck Collect Statistics for feature, fix, or research branches, which are short-lived and should not affect the organization's security posture as reported through the high-level dashboard statistics. By default, Collect Statistics will be enabled for all new branch filters.

Retention Period

The Retention Period selection allows users to schedule the automatic removal of inactive branches from SOOS. This is a great way to ensure that short-lived feature or fix branches are cleaned up automatically. The length of time indicated is measured from when the last scan was initiated.

If there are no branches left in a project, the project will also be deleted.
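
The filter, Collect Statistics, and Retention Period rules described above can be checked against a repository's branch list before the filters are saved. The following is an added example, not SOOS code: it models each filter row as a hypothetical `BranchFilter`, assumes shell-style glob matching and first-match ordering, and runs on constructed sample data to list the branches that would never be scanned, that are hidden from dashboards, or that are due for purge.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from fnmatch import fnmatchcase
from typing import Optional

@dataclass(frozen=True)
class BranchFilter:               # hypothetical model of one Branch Scan Filter row
    pattern: str                  # branch name or wildcard, e.g. "main", "feature/*", "*"
    daily_rescan: bool = False
    collect_statistics: bool = True       # enabled by default for new filters
    retention_days: Optional[int] = None  # None = no automatic purge (assumed)

def match_filter(branch, filters):
    """First filter whose pattern matches, else None (first-match order is assumed)."""
    return next((f for f in filters if fnmatchcase(branch, f.pattern)), None)

def will_scan(branch, filters):
    # An omitted branch name always scans; otherwise a filter must match.
    return not branch or match_filter(branch, filters) is not None

def audit(branches, filters, now):
    """branches maps name -> time its last scan was initiated."""
    report = {"ignored": [], "no_statistics": [], "purge_due": []}
    for name, last_scan in sorted(branches.items()):
        f = match_filter(name, filters)
        if f is None:
            report["ignored"].append(name)        # never scanned: coverage gap
            continue
        if not f.collect_statistics:
            report["no_statistics"].append(name)  # scanned, hidden from dashboards
        if f.retention_days is not None and now - last_scan > timedelta(days=f.retention_days):
            report["purge_due"].append(name)      # inactive past the retention period
    return report

# Constructed sample data (not from a real account)
NOW = datetime(2024, 6, 1)
FILTERS = [
    BranchFilter("main"), BranchFilter("master"),
    BranchFilter("release/*", daily_rescan=True),
    BranchFilter("feature/*", collect_statistics=False, retention_days=30),
]
BRANCHES = {
    "main": NOW - timedelta(days=1), "release/2.1": NOW - timedelta(days=3),
    "feature/login": NOW - timedelta(days=45), "feature/api": NOW - timedelta(days=2),
    "hotfix/urgent": NOW - timedelta(days=1),
}

if __name__ == "__main__":
    for key, names in audit(BRANCHES, FILTERS, NOW).items():
        print(f"{key}: {names}")
```

In the sample, `hotfix/urgent` matches no filter and so would be ignored entirely, which is the kind of gap to look for when narrowing the filter list.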