Configuration: Vue.js Development Build¶

Identifier: vue_development_build

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Vue.js development builds expose debugging information and development-specific features that should not be present in production environments, potentially revealing internal application structure and aiding attackers in understanding and exploiting the application.

How we test: We analyze JavaScript bundles and application responses to detect if Vue.js development builds are deployed in production. We check for development-specific features, debugging tools, and source maps that indicate a development build is being used instead of a production build.

References:

https://vuejs.org/guide/scaling-up/tooling.html#production-deployment

Configuration¶

Example¶

Example configuration:

---
security_tests:
  vue_development_build:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.