veracode fix
Generates code fixes and, optionally, applies them to flaws in application source files using Veracode Fix. To get started, see the quickstart.
Your system must have Git installed.
Usage
./veracode fix <source> [flags]
Arguments
Argument | Description |
---|---|
source | Location of the application source files you want to fix based on the target --type. If --type is file, enter the path to a file. If --type is directory, enter the path to the directory of files. |
Flags
Flag | Description |
---|---|
-t, --type | Target type you want to fix. Values are file (to fix flaws in a single file with single fix), or directory (to fix flaws in multiple files in a directory with batch fix). Default is file. If the target is directory, Fix automatically applies the top suggested fix to all flaws in all files in the directory. For a directory target, if a suggested fix might cause breaking changes in your code, Fix does not apply it. |
-r, --results | Location of the results file, in JSON format, from a Static Analysis of your application using the veracode static scan command. Default is results.json in the current directory. |
-i, --issue-id | For a target --type of file, the numeric ID of an issue in results_file that you want to fix in source_file. If you include this flag, Fix does not return a list of issues. |
-a, --apply | For a target --type of file, applies the top suggested fix to a flaw in source_file or to a specific flaw you entered for issue_ID. If you include this flag, Fix does not return a list of fixes. To revert a fix, use a version control system, such as Git. |
-v, --verbose | Display verbose output. |
-h, --help | Show help for this command. |
Examples
To analyze a Java source file using a results file with the default filename and location, run:
./veracode fix my_java_application/commands/IgnoreCommand.java --type file
To analyze a Java source file using a results file in a custom location, run:
./veracode fix my_java_application/commands/IgnoreCommand.java --type file --results my_results/results.json
To automatically apply a fix to a specific issue in a Java file using a results file in a custom location, run:
./veracode fix my_java_application/commands/IgnoreCommand.java --results my_results/results.json --issue-id 1234 --apply
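Because --apply edits the source file in place and reverting relies on Git, the following wrapper runs the single-file apply only when the file is tracked and unmodified, then prints the resulting diff for review. It is an added example, not part of the Veracode CLI or its documentation; the function names and the VERACODE_BIN variable are hypothetical.

```sh
#!/bin/sh
# Added example: run `veracode fix --apply` on one file only when Git can undo it.
# VERACODE_BIN, is_revertible and guarded_apply are hypothetical names.

# is_revertible <file>
# Succeeds when <file> is tracked and identical to HEAD, so the pre-fix
# state can be restored afterwards with `git checkout -- <file>`.
is_revertible() {
    git ls-files --error-unmatch -- "$1" >/dev/null 2>&1 || return 1
    git diff --quiet HEAD -- "$1" 2>/dev/null
}

# guarded_apply <source_file> <results_file> <issue_id>
# Exit codes: 0 applied, 2 bad input, 3 not revertible, 4 CLI failed.
guarded_apply() {
    case $3 in
        '' | *[!0-9]*) echo "issue id must be numeric: $3" >&2; return 2 ;;
    esac
    [ -f "$1" ] || { echo "source file not found: $1" >&2; return 2; }
    [ -f "$2" ] || { echo "results file not found: $2" >&2; return 2; }
    is_revertible "$1" || {
        echo "refusing to apply: $1 is untracked or has uncommitted changes" >&2
        return 3
    }
    "${VERACODE_BIN:-./veracode}" fix "$1" --type file \
        --results "$2" --issue-id "$3" --apply || return 4
    # Print what Fix changed so the edit is reviewed before it is committed.
    git --no-pager diff -- "$1"
}

# Run as a script: sh guarded_fix.sh <source_file> <results_file> <issue_id>
if [ "$#" -eq 3 ]; then
    guarded_apply "$@"
fi
```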