Skip to main content

Validating fixed agent-based scan results

Before committing your code changes, you can run an agent-based scan with the --allow-dirty flag to validate a fix you made to your repository. This flag ignores uncommitted changes in your code. For example:

srcclr scan /path/to/<project_folder> --allow-dirty

When you verify that the vulnerability no longer appears in the scan output, you have fixed the vulnerability, and you can commit your code.