The Veracode Greenlight for Android Studio plugin requires compilable Java files that successfully built into Java class files. If you are unable to scan with Greenlight for Android Studio, ensure you have a Java class file built for the Java file you want to scan.
To perform this task, you must have the Greenlight IDE User role.
Before you scan, Veracode recommends that you select Build Automatically for your project in the Project menu, and you have resolved any blocking build errors. A scan times out after one minute if there are any issues.
. Alternatively, you can click the green V icon in the menu
bar or use the shortkey Ctrl+Shift+G.You can also right-click a package file and select to scan all files contained in the package.
After the scan is complete, review the security findings on the
Veracode Greenlight tab.
The Veracode Greenlight results are summarized in the Findings subtab. In the Best Practices subtab, Veracode indicates the CWEs protected against in the code. The scan level indicates whether Veracode scanned at the package level or file level.
- Double-click a finding to locate the issue in the specific line of code in the scanned file.
Alternatively, right-click a finding to see the actions you can choose: open
the finding in the scanned file, show the finding details in a separate Details
pane, or filter by severity or