Skip to main content

Scan Limitations


  • Checkmarx One does not support cloning public / private repositories via SSH.

  • A public repository that doesn’t have any credentials is being cloned by default via HTTPS.

    • This also applies to private repositories.

  • The sub-module's address in .gitmodules file is in SSH format and thus causes an error.

  • There is a 5.5M LOC (Line of Code) limitation for repository/zip files scans. In case that the source file contains more than the limit permits we block the scan and an error message is displayed.

  • API Security currently supports Java - Spring 2.x and C# - ASP.NET 4.x Web API only.

Error Message

fetch-sources clone 'branch' failed, provided value:master : error creating SSH agent: "SSH agent requested but SSH_AUTH_SOCK not-specified"


Changing the submodule's address inside .gitmodules file to HTTPS format, resolves the issue.