If you haven't already done so, you will need to follow the Setup Instructions before continuing.
We will use Hawkeye to automatically scan the code base for secrets and vulnerabilities. This is a useful tool to have in your pipeline, in order to prevent anyone in your team from accidentally committing secrets or vulnerabilities.
You can use the Hawkeye docker image to scan your repository with:
docker run --rm -v "$PWD/web:/target" hawkeyesec/scanner-cli:latest
Did you find anything interesting?
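To make it concrete what a scanner like Hawkeye is looking for when it walks the code base, here is an added example, not Hawkeye's own code, of the two detection strategies such tools combine: known-format patterns (a cloud access key id, a private key header, a credential-like name assigned a quoted literal) and a Shannon-entropy test for long random-looking tokens. The rule names, the 4.5 bits-per-character threshold and the sample repository contents are all constructed for this example; the AWS key id is the public placeholder from the AWS documentation, not a real credential.

```python
"""Toy secrets scanner: pattern rules plus an entropy test, gated like a CI step.

Added example (not Hawkeye's code). Rules, thresholds and sample files are
constructed to illustrate what a pipeline secrets scanner flags and what it skips.
"""
import math
import re
from collections import Counter
from dataclasses import dataclass

# Known-format rules. Order matters: the first rule that hits a line is reported.
PATTERNS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # A credential-like name assigned a quoted literal of 8+ characters.
    "hardcoded-credential": re.compile(
        r"(?i)(password|passwd|secret|api[_-]?key|token)\s*[:=]\s*['\"]([^'\"]{8,})['\"]"
    ),
}
TOKEN_RE = re.compile(r"[A-Za-z0-9+/=_-]{20,}")  # candidates for the entropy test
ENTROPY_THRESHOLD = 4.5  # bits per character; assumed cut-off, tune per code base


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character; base64/hex-like random strings score high."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


@dataclass(frozen=True)
class Finding:
    path: str
    line_no: int
    rule: str
    evidence: str  # masked so the full secret is never echoed into CI logs


def mask(value: str) -> str:
    return value[:4] + "*" * max(0, len(value) - 4)


def scan_text(path: str, text: str) -> list[Finding]:
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for rule, rx in PATTERNS.items():
            m = rx.search(line)
            if m:
                findings.append(Finding(path, line_no, rule, mask(m.group(0))))
                break
        else:
            # No known pattern matched: look for long, high-entropy tokens.
            for tok in TOKEN_RE.findall(line):
                if shannon_entropy(tok) >= ENTROPY_THRESHOLD:
                    findings.append(Finding(path, line_no, "high-entropy-string", mask(tok)))
                    break
    return findings


def scan_files(files: dict[str, str]) -> list[Finding]:
    return [f for path, text in files.items() for f in scan_text(path, text)]


def pipeline_exit_code(findings: list[Finding]) -> int:
    """Non-zero when anything was found, so the pipeline step fails the build."""
    return 1 if findings else 0


# Constructed sample repository contents (AKIAIOSFODNN7EXAMPLE is the AWS
# documentation placeholder). The README line is a normal path that a naive
# entropy check might flag; the threshold lets it through.
SAMPLE_FILES = {
    "web/settings.py": (
        'DB_HOST = "localhost"\n'
        'DB_PASSWORD = "hunter2hunter2"\n'
        'AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"\n'
        "SECRET = os.environ['APP_SECRET']\n"  # read from the environment: not flagged
    ),
    "web/session.js": 'const SESSION_SEED = "qX7vBm2kLp9RzTa4WnYc0HdJe3Ug5Fs8";\n',
    "web/deploy.pem": "-----BEGIN RSA PRIVATE KEY-----\n(key material omitted)\n-----END RSA PRIVATE KEY-----\n",
    "README.md": 'docker run --rm -v "$PWD/web:/target" hawkeyesec/scanner-cli:latest\n',
}


def main() -> None:
    findings = scan_files(SAMPLE_FILES)
    for f in findings:
        print(f"{f.path}:{f.line_no} [{f.rule}] {f.evidence}")
    print("exit code:", pipeline_exit_code(findings))


if __name__ == "__main__":
    main()
```

Running it reports four findings (the hard-coded password, the AWS key id, the random session seed and the private key header) and exit code 1, while the environment lookup and the docker command line in the README pass; a real scanner adds many more rules and an exclude list, but the gate-on-findings shape is the same as putting Hawkeye in a pipeline.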
Note: If you run Hawkeye on the root of the repo with java-find-secbugs enabled, and you have Talisman installed globally, then there may be a symlink in .git/hooks/pre-commit that will trip up Hawkeye with the following error:
[error] Unexpected error occurred! ENOENT: no such file or directory, stat '/target/.git/hooks/pre-commit'
If you get the error shown above, add the java-find-secbugs module to .hawkeyerc to resolve the error.