Scan Limitations
Limitation
Checkmarx One does not support cloning public / private repositories via SSH.
A public repository that doesn’t have any credentials is being cloned by default via HTTPS.
This also applies to private repositories.
The sub-module's address in .gitmodules file is in SSH format and thus causes an error.
There is a 5.5M LOC (Line of Code) limitation for repository/zip files scans. In case that the source file contains more than the limit permits we block the scan and an error message is displayed.
API Security currently supports Java - Spring 2.x and C# - ASP.NET 4.x Web API only.
Error Message
fetch-sources clone 'branch' failed, provided value:master : error creating SSH agent: "SSH agent requested but SSH_AUTH_SOCK not-specified"
Workaround
Changing the submodule's address inside .gitmodules file to HTTPS format, resolves the issue.