- Checkmarx Documentation
- SAST/SCA Integrations
- IDE Plugins
- Eclipse Plugin
- Configuring Projects as Private
Configuring Projects as Private
Developers who create a draft project and do not want the results visible to other users can define the project as private, which renders the project scans invisible to other users with the following exceptions:
The scan's owner (the user)
Users with Server Manager privileges
Users whose location in the hierarchy is higher than that of the user. These users can only read or delete private projects defined in lower hierarchy levels, and they cannot edit or modify these projects.
Notice
Projects can only be set to private, if you create a new project on an IDE platform. The example below uses an Eclipse environment.
To define a project as private:
Right-click the project's name.
Click CxViewer > Scan. The Upload Sources dialog appears and you can add the new scan to an existing project or create a new CxProject as outlined in the table below.
In the Upload Source dialog box, define the scan or project as outlined in the table below.
The table below lists and explains the available parameters.
Parameter | Description |
---|---|
Project Name | Field to create a new project or select an existing one from the dropdown list. Projects reside on the CxServer host. |
Description | Add a short description for the new scan (optional). |
Preset | Select a preset from the dropdown list. The presets reside on the CxServer host. |
Team | Select a team from the dropdown list. The teams reside on the CxServer host |
Project is Private | Checked by default. To make the project public, clear the checkbox. If checked, all scans in this project are private. The Scan is Private checkbox is unavailable. |
Override Project Settings | Unchecked by default. If checked while performing a scan for an existing project, it will override the project presetId and teams on the SAST server. |
Scan is Private | Checked by default. To make the scan public, clear the checkbox. If checked, the relevant scan is private, but the project itself remains public. |
Repeating Scans of a Project
First scan: If you run the first scan of a project, it is scanned without binding the project.
Second scan: When you start a second scan of a project, the Project Scan window appears, asking, if you want to bind the scan to the corresponding project.
To bind and scan the source, click <Yes>. This process takes considerably longer than just a scan.
To scan without binding to the corresponding project, click <No>. The Upload Sources dialog appears again and you have to choose another project from the list or create a new one as explained above.