Configuration: Svelte Development Build¶

Identifier: svelte_development_build

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Svelte development builds expose debugging information and development-specific features that should not be present in production environments. When a development build is deployed to production, it can reveal internal application structure, debugging tools, and other sensitive information that could aid attackers in understanding and exploiting the application. The common mistake is forgetting to build the application in production mode before deployment, leaving development artifacts and debugging capabilities exposed to end users.

References:

https://kit.svelte.dev/docs/configuration#mode

Configuration¶

Example¶

Example configuration:

---
security_tests:
  svelte_development_build:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.