Updated on 2025-06-05 GMT+08:00

How Do I Handle Information Leakage Risks?

CodeArts Governance decompresses and scans your software packages and firmware. It identifies information leakage risks, for example, sensitive IPs, Git/SVN repositories, weak passwords, and hard-coded keys.

You can view the risk details by exporting a report, for example, a PDF report. The report shows the following information for each risk, so you can decide whether to mask or fix it based on your service requirements.

  • Risk type: For example, IP address leakage, hard-coded passwords, or Git address leakage
  • File path: Full path of the file where information leakage is detected in the package
  • Context: Risky lines and context lines
  • Content: The risky content itself
  • Location: The exact line and position of the risk
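
To check an unpacked package yourself before uploading it, the following added example (not CodeArts Governance code) scans text and emits findings with the same five fields. The regex rules, the `scan_text` function, and the sample file are assumptions made for illustration, not the product's detection rules.

```python
import re

# Illustrative rules only (assumptions); a capture group, if present, marks the risky content.
RULES = [
    ("IP address leakage", re.compile(
        r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b")),
    ("Git/SVN address leakage", re.compile(
        r"\b(?:git@[\w.-]+:\S+|(?:https?|svn(?:\+ssh)?)://\S+?(?:\.git\b|/svn/\S*))")),
    ("Hard-coded password", re.compile(
        r"(?i)\b(?:password|passwd|pwd)\s*[=:]\s*['\"]?([^\s'\"]+)")),
    ("Hard-coded key", re.compile(
        r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----")),
]

# Constructed sample: a config file as it might appear inside an unpacked package.
SAMPLE_PATH = "firmware/etc/app.conf"
SAMPLE = """\
[server]
host = 10.20.30.40
password = "admin123"
[update]
repo = https://git.example.com/team/firmware.git
"""

def scan_text(file_path, text, context=1):
    """Return one finding per match, carrying the five report fields."""
    lines = text.splitlines()
    findings = []
    for i, line in enumerate(lines):
        for risk_type, pattern in RULES:
            for m in pattern.finditer(line):
                g = m.lastindex or 0  # prefer the captured value over the whole match
                lo, hi = max(0, i - context), min(len(lines), i + context + 1)
                findings.append({
                    "risk_type": risk_type,
                    "file_path": file_path,
                    "context": lines[lo:hi],                 # risky line plus neighbours
                    "content": m.group(g),                   # the risky value itself
                    "location": (i + 1, m.start(g) + 1),     # 1-based (line, column)
                })
    return findings

if __name__ == "__main__":
    for f in scan_text(SAMPLE_PATH, SAMPLE):
        print(f["risk_type"], f["file_path"], f["location"], repr(f["content"]))
```

Dotted version strings such as `1.2.3.4` also match the IP rule, so review each finding before deciding to mask or fix it.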