Repository

Under Code -> Repositories, you are able to drill down into different views for each repository. Specifically:

  • Modules

  • API Endpoints

  • Source Findings

  • Secrets

  • Active Contributors

These views provide insight into a repository's structure, its interfaces, the security weaknesses in its code, its exposure of secrets, and its code base contributors.

Modules

As defined under Welcome to Heeler > Terminology, a Module is a logical “entry point” or “service boundary” within a source-code repository. In a multi-service repository, each Module identifies a distinct application, microservice, or component—along with any configuration parameters it needs in order to build, test, or scan that slice of code in isolation.

Breaking down repositories into Modules allows for prioritization, more focused analysis, and remediation.

API Endpoints

API Endpoints lists the method and path of each endpoint, with a link to the applicable Module and additional information such as the file location of the endpoint definition, a link to its location in the repository, and when it was first seen.

Source Findings

Source Findings includes the results from Static Application Security Testing and Software Composition Analysis of your code with details on the Finding source, severity, confidence of analysis, and number of instances of the Finding.

For each Finding, a drill-down is available to the files and line numbers where the Finding is located, with a link to that location in your code repository.

Secrets

Secrets lists the secrets found in the repository, with a link to each secret's location in the repository and the timestamp of when it was detected.

Active Contributors

Active Contributors lists the individuals who have roles related to committing code to the repository, e.g., developers, reviewers, and commenters.
