The SOOS GitHub QuickScan allows you to quickly view any vulnerability or license issues associated with a project/branch in GitHub without needing to make a commit.    

Before performing a GitHub QuickScan, you will be required to integrate with your GitHub account, after which you can run a QuickScan against your public or private repositories. 

  • To configure your GitHub integration to allow auto-scanning with each commit, follow instructions in the above linked article to learn about Enabling GitHub Webhooks.

To perform a Github QuickScan

  1. Within the SOOS application, select GitHub Quickscan in the left navigation menu.
  2. Choose the desired Repository and Branch then select Scan.
  3. While the analysis is running, the Recent Scans icon in the left navigation menu will indicate 1 active scan in progress.
  4. Once the analysis is complete, the scan results will display as a project on the Dashboard.  
    • If a project already exists for the branch that was QuickScanned, the scan results will file under that project.
    • If a QuickScan is the first scan for that branch, and a subsequent GitHub webhook scan is performed, the webhook scan results will file under the project with matching branch information.