Product Documentation
Product Documentation
Welcome To Reshift
Getting Started
Scan Your First Project
Signing Up Using GitHub
Signing Up Using Bitbucket
Signing Up Using GitLab
Scanning Maven Projects
Scanning Gradle Projects
Granting Reshift GitHub Organization Access After Signing up
Setting Projects Up Using NPM
Product Features
Security Gates
Autofix
Code Review Workflow
Integrations
GitHub Actions
Circle CI
Jenkins
GitLab
IDE plugins
IntelliJ IDE
Reshift Security Model
Source Code Security in Reshift
User Authentication Mode in Reshift
Report Bundles and Call Graphs
Common Questions and Answers
How do you ensure Reshift's own security?
How do I know my code is secure?
Why do you need access to my source code?
What permissions does reshift gain access to?
Can I try reshift without giving access to my source code?
Why do I need to sign up with GitHub, Bitbucket, or Gitlab?
Powered by GitBook

Why do you need access to my source code?

Reshift is a static code analysis tool that operates on both the source code and the binaries. reshift primarily needs continuous access to the source code for the following reasons:

  • To display accurate diagnostic information to the user as they triage a vulnerability. Information such as line numbers for the vulnerabilities found, Git blame and branch information.

  • To be able to integrate security issues found into the Pull request workflow

If you have any more questions, please email us at info@reshiftsecurity.com!

Previous
How do I know my code is secure?
Next
What permissions does reshift gain access to?
Last updated 1 month ago