Understanding Greenlight for IntelliJ Technical Requirements

Veracode Greenlight

Veracode Greenlight is designed to scan a file or small package. For this reason, initiating a scan at the project level is restricted. For project-level scans, use Veracode Static Analysis.

Greenlight for IntelliJ supports Java, JavaServer Pages (JSP), and the Java platforms and frameworks listed in the Compilation Instructions for Java.

Greenlight for IntelliJ can only scan Java classes that compile correctly and ignores all other files. It can also scan top-level packages that contain other packages, as well as non-minified1 JavaScript files. It is only possible to scan JavaScript embedded in the following file types: ASP, CSS, EHTML, ES, ES6, HANDLEBARS, HBS, HJS, HTM, HTML, JS, JSON, JSP, JSX, MAP, MUSTACHE, PHP, TS, TSX, and XHTML.

The Veracode Greenlight plugin uses the following two certificates that are signed by a certificate authority: downloads.veracode.com and api.veracode.com.

In addition to using Greenlight for IntelliJ, Veracode recommends that you perform a full static analysis scan using the Veracode Platform or the Veracode IntelliJ Plugin to achieve comprehensive coverage, actionable results, and policy-level reporting to determine application production readiness.

Note: The Greenlight for IntelliJ plugin has minimal impact to your local system. If your environment is outside of the above requirements and you are interested in the Veracode Greenlight plugin, email support@veracode.com regarding your interest, and the IDE tools, IDE version, and programming languages you use in your job.
1 Non-minified code has not had unnecessary characters such as white space, new lines, comments, and block delimiters removed.