Does Fortify support jQuery and Node.js
Question
Does Fortify support jQuery and Node.js?
Answer
As of Fortify Version 4.40, Fortify has support for Node.js. jQuery is partially, but not completely supported, with improved support in Fortify version 16.10.
jQuery can be scanned with Fortify, though code utilizing jQuery may report errors when scanned. Errors relating to the use of jQuery should be discussed in a Readme file included with the secure code review validation package indicating which scan errors are related to the use of jQuery.
Please note that this only applies to errors/warnings related to jQuery, and that all vulnerabilities reported by Fortify regarding jQuery should still be audited.
See this technical note for more information on common Fortify findings in jQuery.
References
- Fortify version 4.40 release announcement
- Fortify version 16.10 release notes