Skip to main content

Exclude unverifiable files

Summary​

Binary and other types of files, which are often not audited for security purposes, should not be stored in the source code repository.

Description​

Binary files usually have a file size greater than their source counterpart, which can eventually affect a repositorys performance. Changes done to them are often hard to track for versioning tools or make no sense for a reviewer. Furthermore, security audits on binary files are more complicated or simply not performed, and these could contain serious vulnerabilities such as backdoors, rootkits and exposed sensitive information.

Supported In​

This requirement is verified in following services:

PlanSupported
Machine🟢
Squad🟢
One-Shot🟢

References​

Vulnerabilities​