cred-scan (#156)

qiaozha · ruowan · commit 1d7e2ddb3d73 · 2019-12-03T16:34:11.000+08:00
* cred-scan

* cred-scan

* cred scan

* update autorest version

* suppression
diff --git a/CredScanSuppressions.json b/CredScanSuppressions.json
@@ -0,0 +1,13 @@
+{
+  "tool": "Credential Scanner",
+  "suppressions": [
+    {
+     "file": "node_modules\\superagent\\docs\\index.md", 
+      "_justification": "Additional CredScan searcher specific to my team"
+    },
+    {
+     "file": "node_modules\\superagent\\docs\\test.html", 
+      "_justification": "Legitimate UT certificate file with private key"
+    }
+  ]
+}
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
@@ -19,3 +19,26 @@ steps:
 - task: PublishBuildArtifacts@1
   inputs:
     pathtoPublish: $(Build.SourcesDirectory)/drop
+
+- task: CredScan@2
+  inputs:
+    toolMajorVersion: 'V2'
+
+- task: PostAnalysis@1
+  inputs:
+    AllTools: false
+    APIScan: false
+    BinSkim: false
+    CodesignValidation: false
+    CredScan: true
+    FortifySCA: false
+    FxCop: false
+    ModernCop: false
+    PoliCheck: false
+    RoslynAnalyzers: false
+    SDLNativeRules: false
+    Semmle: false
+    TSLint: false
+    ToolLogsNotFoundAction: 'Standard'
+
+
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -11,7 +11,7 @@
   "dependencies": {
     "@ts-common/fs": "^0.2.0",
     "@ts-common/json-parser": "^0.7.0",
-    "autorest": "^2.0.0",
+    "autorest": "^2.0.4407",
     "glob": "^7.1.3",
     "js-yaml": "^3.13.1",
     "json-pointer": "^0.6.0",
