From 75481114077a3f04c97543217417bce518c57611 Mon Sep 17 00:00:00 2001 From: Teja Kummarikuntla Date: Tue, 26 Aug 2025 19:10:18 +0530 Subject: [PATCH 1/3] Document: GHAS Native Step --- .../set-up-scans/shared/sast-scanners.md | 13 +- .../set-up-scans/shared/sca-scanners.md | 11 +- .../set-up-scans/shared/secret-scanners.md | 3 +- .../github-advanced-security.md | 133 ++++++++++++++++++ .../shared/sto-supported-ingestion-formats.md | 2 +- .../shared/sto-supported-scanners.md | 1 + 6 files changed, 150 insertions(+), 13 deletions(-) create mode 100644 docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md diff --git a/docs/security-testing-orchestration/set-up-scans/shared/sast-scanners.md b/docs/security-testing-orchestration/set-up-scans/shared/sast-scanners.md index cacf7a839fe..29fed9c6313 100644 --- a/docs/security-testing-orchestration/set-up-scans/shared/sast-scanners.md +++ b/docs/security-testing-orchestration/set-up-scans/shared/sast-scanners.md @@ -6,9 +6,10 @@ 6. **[Coverity](/docs/security-testing-orchestration/sto-techref-category/coverity-scanner-reference)** - *open-source* 7. **[CodeQL](/docs/security-testing-orchestration/sto-techref-category/codeql-scanner-reference)** 8. **[FOSSA](/docs/security-testing-orchestration/sto-techref-category/fossa-scanner-reference)** -9. **[Mend](/docs/security-testing-orchestration/sto-techref-category/mend-scanner-reference)** (formerly known as WhiteSource) -10. **[Semgrep](/docs/security-testing-orchestration/sto-techref-category/semgrep/semgrep-scanner-reference)** - *open-source option* -11. **[Snyk](/docs/security-testing-orchestration/sto-techref-category/snyk/snyk-scanner-reference)** -12. **[SonarQube](/docs/security-testing-orchestration/sto-techref-category/sonarqube-sonar-scanner-reference)** -13. **[Veracode](/docs/security-testing-orchestration/sto-techref-category/veracode-scanner-reference)** -14. **[Wiz](/docs/security-testing-orchestration/sto-techref-category/wiz/repo-scans-with-wiz)** \ No newline at end of file +9. **[GitHub Advanced Security](/docs/security-testing-orchestration/sto-techref-category/github-advanced-security)** +10. **[Mend](/docs/security-testing-orchestration/sto-techref-category/mend-scanner-reference)** (formerly known as WhiteSource) +11. **[Semgrep](/docs/security-testing-orchestration/sto-techref-category/semgrep/semgrep-scanner-reference)** - *open-source option* +12. **[Snyk](/docs/security-testing-orchestration/sto-techref-category/snyk/snyk-scanner-reference)** +13. **[SonarQube](/docs/security-testing-orchestration/sto-techref-category/sonarqube-sonar-scanner-reference)** +14. **[Veracode](/docs/security-testing-orchestration/sto-techref-category/veracode-scanner-reference)** +15. **[Wiz](/docs/security-testing-orchestration/sto-techref-category/wiz/repo-scans-with-wiz)** \ No newline at end of file diff --git a/docs/security-testing-orchestration/set-up-scans/shared/sca-scanners.md b/docs/security-testing-orchestration/set-up-scans/shared/sca-scanners.md index c469f64a3ef..066ab565e54 100644 --- a/docs/security-testing-orchestration/set-up-scans/shared/sca-scanners.md +++ b/docs/security-testing-orchestration/set-up-scans/shared/sca-scanners.md @@ -1,8 +1,9 @@ 1. **[Aqua Trivy](/docs/security-testing-orchestration/sto-techref-category/trivy/aqua-trivy-scanner-reference)** - *open-source* 2. **[Checkmarx](/docs/security-testing-orchestration/sto-techref-category/checkmarx/checkmarx-scanner-reference)** 3. **[Checkmarx One](/docs/security-testing-orchestration/sto-techref-category/checkmarx/checkmarxone-scanner-reference)** -4. **[OSV Scanner](/docs/security-testing-orchestration/sto-techref-category/osv-scanner-reference)** - *open-source* -5. **[OWASP Dependency-Check](/docs/security-testing-orchestration/sto-techref-category/owasp-scanner-reference)** - *open-source* -6. **[Snyk](/docs/security-testing-orchestration/sto-techref-category/snyk/snyk-code-scanning)** -7. **[Veracode](/docs/security-testing-orchestration/sto-techref-category/veracode-scanner-reference)** -8. **[Wiz](/docs/security-testing-orchestration/sto-techref-category/wiz/repo-scans-with-wiz)** \ No newline at end of file +4. **[GitHub Advanced Security](/docs/security-testing-orchestration/sto-techref-category/github-advanced-security)** +5. **[OSV Scanner](/docs/security-testing-orchestration/sto-techref-category/osv-scanner-reference)** - *open-source* +6. **[OWASP Dependency-Check](/docs/security-testing-orchestration/sto-techref-category/owasp-scanner-reference)** - *open-source* +7. **[Snyk](/docs/security-testing-orchestration/sto-techref-category/snyk/snyk-code-scanning)** +8. **[Veracode](/docs/security-testing-orchestration/sto-techref-category/veracode-scanner-reference)** +9. **[Wiz](/docs/security-testing-orchestration/sto-techref-category/wiz/repo-scans-with-wiz)** \ No newline at end of file diff --git a/docs/security-testing-orchestration/set-up-scans/shared/secret-scanners.md b/docs/security-testing-orchestration/set-up-scans/shared/secret-scanners.md index 0afe10f3060..77cd2f64b22 100644 --- a/docs/security-testing-orchestration/set-up-scans/shared/secret-scanners.md +++ b/docs/security-testing-orchestration/set-up-scans/shared/secret-scanners.md @@ -1,3 +1,4 @@ 1. **[Aqua Trivy](/docs/security-testing-orchestration/sto-techref-category/trivy/aqua-trivy-scanner-reference)** - *open-source* 2. **[Checkmarx One](/docs/security-testing-orchestration/sto-techref-category/checkmarx/checkmarxone-scanner-reference)** -3. **[Gitleaks](/docs/security-testing-orchestration/sto-techref-category/gitleaks-scanner-reference)** - *open-source* \ No newline at end of file +3. **[Gitleaks](/docs/security-testing-orchestration/sto-techref-category/gitleaks-scanner-reference)** - *open-source* +4. **[GitHub Advanced Security](/docs/security-testing-orchestration/sto-techref-category/github-advanced-security)** \ No newline at end of file diff --git a/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md b/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md new file mode 100644 index 00000000000..ebcef542cfa --- /dev/null +++ b/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md @@ -0,0 +1,133 @@ +--- +title: GitHub Advanced Security step configuration +description: Scan code repositories with GitHub Advanced Security (GHAS). +sidebar_label: GitHub Advanced Security step configuration +sidebar_position: 201 +--- + + + + + +
+
+ +The GitHub Advanced Security (GHAS) step in Harness STO enables you to scan your code repositories from the following GHAS products: + +- **CodeQL (SAST):** Identify code vulnerabilities with CodeQL. Run scans in [**Orchestration**](#scan-mode), pull alerts via [**Extraction**](#scan-mode), or ingest results through [**Ingestion**](#scan-mode). +- **Dependabot (SCA):** Detect vulnerable open-source dependencies. Use [**Orchestration**](#scan-mode) for live scans or [**Extraction**](#scan-mode) and [**Ingestion**](#scan-mode) to feed existing issues into STO. +- **Secret Scanning:** Find exposed secrets like API keys or tokens. STO supports [**Extraction**](#scan-mode) and [**Ingestion**](#scan-mode) of GitHub alerts. + +:::info +- You can utilize custom STO scan images and pipelines to run scans as a non-root user. For more details, refer [Configure your pipeline to use STO images from private registry](./docs/security-testing-orchestration/use-sto/set-up-sto-pipelines/configure-pipeline-to-use-sto-images-from-private-registry). +- STO supports three different approaches for loading self-signed certificates. For more information, refer [Run STO scans with custom SSL certificates](./docs/security-testing-orchestration/use-sto/secure-sto-pipelines/ssl-setup-in-sto/#supported-workflows-for-adding-custom-ssl-certificates). + +import StoMoreInfo from './shared/more-information.md'; + + +::: + +## GitHub Advanced Security step settings + +The recommended workflow is to add a GitHub Advanced Security step to a **Security** or **Build** stage and then configure it as described below. + +### Scan + +#### Scan Mode + +* **Orchestration**: The step executes a the scan, normalizes the results, and deduplicates them. This mode is supported for **CodeQL** and **Dependabot** scan modes. +* **Extraction**: The step pulls existing scan results from the GitHub API for **CodeQL**, **Dependabot**, or **Secret Scanning**. +* **Ingestion**: The step ingests a SARIF file containing results from a GHAS scan that you ran previously. + +#### Scan Configuration + +import StoSettingProductConfigName from './shared/step-palette/scan/config-name.md'; + + + +* **CodeQL**: Use for Static Application Security Testing (SAST). +* **Dependabot**: Use for Dependency scanning. +* **Secret**: Use to detect exposed secrets in your codebase. + +### Target + +#### Type + +import StoSettingScanTypeRepo from './shared/step-palette/target/type/repo.md'; + + + +#### Name + +import StoSettingTargetName from './shared/step-palette/target/name.md'; + + + +#### Variant + +import StoSettingTargetVariant from './shared/step-palette/target/variant.md'; + + + +#### Workspace + +import StoSettingTargetWorkspace from './shared/step-palette/target/workspace.md'; + + + +### Ingestion File + +import StoSettingIngestionFile from './shared/step-palette/ingest/file.md'; + + + +### Authentication + +#### Access Token + +import StoSettingAuthAccessToken from './shared/step-palette/auth/access-token.md'; + + + +Use a GitHub fine-grained **Personal Access Token** with the following repository permissions, based on your scan mode. +Make sure **Repository access** is set to **All repositories** or **Only selected repositories**. + +| **Scan Mode** | **Permission** | **Level** | +|---------------|------------------------|---------------| +| **Orchestration** (CodeQL, Dependabot) | Code scanning alerts | Read & Write | +| | Dependabot alerts | Read & Write | +| | Secret scanning alerts | Read & Write | +| **Extraction** (All Scan Configurations) | Code scanning alerts | Read-only | +| | Dependabot alerts | Read-only | +| | Secret scanning alerts | Read-only | + + +### Log Level + +import StoSettingLogLevel from './shared/step-palette/all/log-level.md'; + + + +### Fail on Severity + +import StoSettingFailOnSeverity from './shared/step-palette/all/fail-on-severity.md'; + + + +### Additional Configuration + +import ScannerRefAdditionalConfigs from './shared/additional-config.md'; + + + +### Advanced settings + +import ScannerRefAdvancedSettings from './shared/advanced-settings.md'; + + + +## Proxy settings + +import ProxySettings from './shared/proxy-settings.md'; + + \ No newline at end of file diff --git a/docs/security-testing-orchestration/sto-techref-category/shared/sto-supported-ingestion-formats.md b/docs/security-testing-orchestration/sto-techref-category/shared/sto-supported-ingestion-formats.md index 3ca401414ce..77d263429a7 100644 --- a/docs/security-testing-orchestration/sto-techref-category/shared/sto-supported-ingestion-formats.md +++ b/docs/security-testing-orchestration/sto-techref-category/shared/sto-supported-ingestion-formats.md @@ -1,4 +1,3 @@ - :::info Static Analysis Results Interchange Format (SARIF) is an open JSON format supported by many scan tools, especially tools available as GitHub Actions. Harness STO can [ingest SARIF 2.1.0 data](/docs/security-testing-orchestration/custom-scanning/ingest-sarif-data) from any tool that supports this format. @@ -26,6 +25,7 @@ Harness recommends that you publish and ingest using the scanner-specific JSON f - **Fortify on Demand** — JSON - **Fossa** — JSON - **Gitleaks** — JSON _(recommended)_, SARIF +- **GitHub Advanced Security** — SARIF - **HQL AppScan** — XML - **Grype** — JSON - **Mend _(formerly Whitesource)_** — JSON diff --git a/docs/security-testing-orchestration/sto-techref-category/shared/sto-supported-scanners.md b/docs/security-testing-orchestration/sto-techref-category/shared/sto-supported-scanners.md index c6bc17b1c71..8d423377b06 100644 --- a/docs/security-testing-orchestration/sto-techref-category/shared/sto-supported-scanners.md +++ b/docs/security-testing-orchestration/sto-techref-category/shared/sto-supported-scanners.md @@ -51,6 +51,7 @@ A code scanner can detect one or more of the following issue types in your sourc
  • Fortify on Demand Orchestration, Extraction, Ingestion
  • Fortify Static Code Analyzer Ingestion
  • Fossa Ingestion
    • +
  • GitHub Advanced Security Orchestration, Extraction, Ingestion
  • Mend (formerly WhiteSource) Orchestration, Extraction, Ingestion
  • Nexus IQ Orchestration, Extraction, Ingestion
  • Qwiet AI (formerly ShiftLeft) Orchestration, Extraction, Ingestion
    • From f1288c6fd3e9f87b927a6a6653333111814671aa Mon Sep 17 00:00:00 2001 From: Teja Kummarikuntla Date: Wed, 27 Aug 2025 16:34:54 +0530 Subject: [PATCH 2/3] Fix Broken links --- .../sto-techref-category/github-advanced-security.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md b/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md index ebcef542cfa..3a27f5604e4 100644 --- a/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md +++ b/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md @@ -19,8 +19,8 @@ The GitHub Advanced Security (GHAS) step in Harness STO enables you to scan your - **Secret Scanning:** Find exposed secrets like API keys or tokens. STO supports [**Extraction**](#scan-mode) and [**Ingestion**](#scan-mode) of GitHub alerts. :::info -- You can utilize custom STO scan images and pipelines to run scans as a non-root user. For more details, refer [Configure your pipeline to use STO images from private registry](./docs/security-testing-orchestration/use-sto/set-up-sto-pipelines/configure-pipeline-to-use-sto-images-from-private-registry). -- STO supports three different approaches for loading self-signed certificates. For more information, refer [Run STO scans with custom SSL certificates](./docs/security-testing-orchestration/use-sto/secure-sto-pipelines/ssl-setup-in-sto/#supported-workflows-for-adding-custom-ssl-certificates). +- You can utilize custom STO scan images and pipelines to run scans as a non-root user. For more details, refer [Configure your pipeline to use STO images from private registry](/docs/security-testing-orchestration/use-sto/set-up-sto-pipelines/configure-pipeline-to-use-sto-images-from-private-registry). +- STO supports three different approaches for loading self-signed certificates. For more information, refer [Run STO scans with custom SSL certificates](/docs/security-testing-orchestration/use-sto/secure-sto-pipelines/ssl-setup-in-sto/#supported-workflows-for-adding-custom-ssl-certificates). import StoMoreInfo from './shared/more-information.md'; From da8aaf6ac6f99faf78ed68ae847c76005f29cbf9 Mon Sep 17 00:00:00 2001 From: Teja Kummarikuntla Date: Wed, 10 Sep 2025 01:05:59 +0530 Subject: [PATCH 3/3] Add Prerequisites for Scan Configs --- .../github-advanced-security.md | 88 +++++++++++-------- 1 file changed, 52 insertions(+), 36 deletions(-) diff --git a/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md b/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md index 3a27f5604e4..52ff4ba1d5f 100644 --- a/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md +++ b/docs/security-testing-orchestration/sto-techref-category/github-advanced-security.md @@ -14,30 +14,31 @@ sidebar_position: 201 The GitHub Advanced Security (GHAS) step in Harness STO enables you to scan your code repositories from the following GHAS products: -- **CodeQL (SAST):** Identify code vulnerabilities with CodeQL. Run scans in [**Orchestration**](#scan-mode), pull alerts via [**Extraction**](#scan-mode), or ingest results through [**Ingestion**](#scan-mode). -- **Dependabot (SCA):** Detect vulnerable open-source dependencies. Use [**Orchestration**](#scan-mode) for live scans or [**Extraction**](#scan-mode) and [**Ingestion**](#scan-mode) to feed existing issues into STO. -- **Secret Scanning:** Find exposed secrets like API keys or tokens. STO supports [**Extraction**](#scan-mode) and [**Ingestion**](#scan-mode) of GitHub alerts. +- **[CodeQL](#codeql) (SAST):** Identify code vulnerabilities. Supported in [**Orchestration**](#scan-mode), [**Extraction**](#scan-mode), and [**Ingestion**](#scan-mode). +- **[Dependabot](#dependabot) (SCA):** Detect vulnerable open-source dependencies. Supported in [**Orchestration**](#scan-mode), [**Extraction**](#scan-mode), and [**Ingestion**](#scan-mode). +- **[Secret Scanning](#secret-scanning):** Detect exposed secrets such as API keys and tokens. Supported in [**Extraction**](#scan-mode) and [**Ingestion**](#scan-mode). :::info -- You can utilize custom STO scan images and pipelines to run scans as a non-root user. For more details, refer [Configure your pipeline to use STO images from private registry](/docs/security-testing-orchestration/use-sto/set-up-sto-pipelines/configure-pipeline-to-use-sto-images-from-private-registry). -- STO supports three different approaches for loading self-signed certificates. For more information, refer [Run STO scans with custom SSL certificates](/docs/security-testing-orchestration/use-sto/secure-sto-pipelines/ssl-setup-in-sto/#supported-workflows-for-adding-custom-ssl-certificates). - -import StoMoreInfo from './shared/more-information.md'; - - +- To run scans as a non-root user, you can use custom STO scan images and pipelines. See [Configure your pipeline to use STO images from private registry](/docs/security-testing-orchestration/use-sto/set-up-sto-pipelines/configure-pipeline-to-use-sto-images-from-private-registry). +- STO supports multiple workflows for loading self-signed certificates. See [Run STO scans with custom SSL certificates](/docs/security-testing-orchestration/use-sto/secure-sto-pipelines/ssl-setup-in-sto/#supported-workflows-for-adding-custom-ssl-certificates). ::: ## GitHub Advanced Security step settings -The recommended workflow is to add a GitHub Advanced Security step to a **Security** or **Build** stage and then configure it as described below. +The recommended workflow is to add a GitHub Advanced Security step to a **Security** or **Build** stage and configure it as described below. ### Scan #### Scan Mode -* **Orchestration**: The step executes a the scan, normalizes the results, and deduplicates them. This mode is supported for **CodeQL** and **Dependabot** scan modes. -* **Extraction**: The step pulls existing scan results from the GitHub API for **CodeQL**, **Dependabot**, or **Secret Scanning**. -* **Ingestion**: The step ingests a SARIF file containing results from a GHAS scan that you ran previously. +- **Orchestration**: Executes the scan, normalizes, and deduplicates results. Supported for **CodeQL** and **Dependabot**. + :::note + - To comply with [GitHub’s licensing requirements](https://docs.github.com/en/get-started/learning-about-github/about-github-advanced-security#about-github-advanced-security-products), orchestration scans are uploaded to GitHub and then imported into STO. + - **Orchestration** mode currently supports *Python (pip)* and *JavaScript/TypeScript (npm or yarn)*. **Extraction** mode supports all languages available in GHAS. + ::: + +- **Extraction**: Pulls existing results from GitHub APIs (**CodeQL**, **Dependabot**, **Secret Scanning**). +- **Ingestion**: Ingests SARIF files from previously run GHAS scans. #### Scan Configuration @@ -45,38 +46,59 @@ import StoSettingProductConfigName from './shared/step-palette/scan/config-name. -* **CodeQL**: Use for Static Application Security Testing (SAST). -* **Dependabot**: Use for Dependency scanning. -* **Secret**: Use to detect exposed secrets in your codebase. +The GitHub Advanced Security step supports the following configurations: +- **[CodeQL](#codeql)** +- **[Dependabot](#dependabot)** +- **[Secret Scanning](#secret-scanning)** + +### CodeQL +You can use **CodeQL** to perform Static Application Security Testing (SAST). For details about CodeQL itself, see the [CodeQL documentation](https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql). + +Here are a few important points to note when using CodeQL with **Orchestration mode**: +- The repository must be configured with **Advanced setup** for **CodeQL analysis**. To do this, go to your repository settings, click on **Advanced Security**, then go to **Code scanning** section and select **Advanced setup** for **CodeQL analysis**. If you're using default setup, you must switch to Advanced setup before running scans with Orchestration scan mode. + +For **Extraction mode**, CodeQL works with both **Default** and **Advanced setup**. + +--- + +### Dependabot +You can use **Dependabot** for dependency (SCA) scans. For more information, see the [Dependabot documentation](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts). + +Prerequisites for Dependabot scans: +- **Dependabot alerts** must be enabled. To check this, go to your repository settings, select **Advanced Security**, then click on **Enable** for **Dependabot alerts**. +- **Dependabot** with **Orchestration mode** requires a **Docker-in-Docker (DinD)** background step. When you configure this step, set the **Entrypoint** to `dockerd-entrypoint.sh` instead of `dockerd`. For setup instructions, go to [Configure Docker-in-Docker (DinD) for your pipeline](/docs/security-testing-orchestration/sto-techref-category/security-step-settings-reference#configuring-docker-in-docker-dind-for-your-pipeline). + +--- + +### Secret Scanning +You can use **Secret Scanning** to detect exposed secrets such as API keys, tokens, or other sensitive values in your repositories. For more details about this feature, see the [Secret Scanning documentation](https://docs.github.com/en/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/choosing-github-secret-protection). + +Prerequisites for Secret Scanning: +- **Secret protection** must be enabled. To enable this, go to your repository settings, click on **Advanced Security**, then click on **Enable** for **Secret Protection**. ### Target #### Type - import StoSettingScanTypeRepo from './shared/step-palette/target/type/repo.md'; #### Name - import StoSettingTargetName from './shared/step-palette/target/name.md'; #### Variant - import StoSettingTargetVariant from './shared/step-palette/target/variant.md'; #### Workspace - import StoSettingTargetWorkspace from './shared/step-palette/target/workspace.md'; ### Ingestion File - import StoSettingIngestionFile from './shared/step-palette/ingest/file.md'; @@ -84,50 +106,44 @@ import StoSettingIngestionFile from './shared/step-palette/ingest/file.md'; ### Authentication #### Access Token - import StoSettingAuthAccessToken from './shared/step-palette/auth/access-token.md'; -Use a GitHub fine-grained **Personal Access Token** with the following repository permissions, based on your scan mode. -Make sure **Repository access** is set to **All repositories** or **Only selected repositories**. +Use a GitHub fine-grained **Personal Access Token (PAT)** with the following repository permissions: -| **Scan Mode** | **Permission** | **Level** | -|---------------|------------------------|---------------| +| **Scan Mode** | **Permission** | **Level** | +|---------------|--------------------------|---------------| | **Orchestration** (CodeQL, Dependabot) | Code scanning alerts | Read & Write | | | Dependabot alerts | Read & Write | | | Secret scanning alerts | Read & Write | -| **Extraction** (All Scan Configurations) | Code scanning alerts | Read-only | -| | Dependabot alerts | Read-only | -| | Secret scanning alerts | Read-only | +| **Extraction** (CodeQL, Dependabot, Secret Scanning) | Code scanning alerts | Read-only | +| | Dependabot alerts | Read-only | +| | Secret scanning alerts | Read-only | +Make sure **Repository access** is set to *All repositories* or *Only selected repositories*. ### Log Level - import StoSettingLogLevel from './shared/step-palette/all/log-level.md'; ### Fail on Severity - import StoSettingFailOnSeverity from './shared/step-palette/all/fail-on-severity.md'; ### Additional Configuration - import ScannerRefAdditionalConfigs from './shared/additional-config.md'; -### Advanced settings - +### Advanced Settings import ScannerRefAdvancedSettings from './shared/advanced-settings.md'; ## Proxy settings - import ProxySettings from './shared/proxy-settings.md'; - \ No newline at end of file +