Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Register now to learn Fabric in free live sessions led by the best Microsoft experts. From Apr 16 to May 9, in English and Spanish.

Reply
venukurs
New Member

Custom Visual code scan

‎08-11-2020 11:49 PM

Hi,

 

For one of our customer, we have imported following custom visuals from Microsoft AppSource.

 

  1. Tachometer
  2. Sunburst
  3. HTMLViewer

 

As per the customer security requirements, any third-party custom visuals should follow Code Scan procedure hence requesting you to provide your feedback on the following queries.

 

  1. How to extract the code for custom visuals (especially Tachometer, Sunburst and HTMLViewer) in order to scan code for internal security team acceptance.
  2. Is there any way to scan the custom visual code to verify vulnerable issues, if yes then can you please suggest the tool that can support to scan the custom visuals.
Labels:
Message 1 of 4
836 Views
0
1 ACCEPTED SOLUTION
v-lionel-msft
Community Support
Community Support

‎08-14-2020 01:02 AM

Hi @venukurs ,

 

1. Modify the .pbix file to a .zip file.

What makes up a Power BI Desktop PBIX File 

v-lionel-msft_0-1597391536924.png

2. Find the JSON files of the custom visuals.

v-lionel-msft_1-1597391920286.png

3. Use code analysis tools to analyze code.

Maybe you can use Visual Studio.

Using the Code Analysis Tool 

 

Best regards,
Lionel Chen

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

 

 

 

 

View solution in original post

Message 4 of 4
722 Views
0
3 REPLIES 3
v-lionel-msft
Community Support
Community Support

‎08-14-2020 01:02 AM

Hi @venukurs ,

 

1. Modify the .pbix file to a .zip file.

What makes up a Power BI Desktop PBIX File 

v-lionel-msft_0-1597391536924.png

2. Find the JSON files of the custom visuals.

v-lionel-msft_1-1597391920286.png

3. Use code analysis tools to analyze code.

Maybe you can use Visual Studio.

Using the Code Analysis Tool 

 

Best regards,
Lionel Chen

If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

 

 

 

 

Message 4 of 4
723 Views
0
lbendlin
Super User
Super User

‎08-12-2020 04:36 PM

.pbiviz files are ZIP archives containing JSON files with the visual code.  Unpack and scan.

Message 2 of 4
772 Views
venukurs
New Member
In response to lbendlin

‎08-13-2020 12:47 AM

Thank you for your response.

 

Can you plesae suggest a tool that support to scan json code. 

Message 3 of 4
757 Views
0

Helpful resources

Announcements
Microsoft Fabric Learn Together

Microsoft Fabric Learn Together

Covering the world! 9:00-10:30 AM Sydney, 4:00-5:30 PM CET (Paris/Berlin), 7:00-8:30 PM Mexico City

PBI_APRIL_CAROUSEL1

Power BI Monthly Update - April 2024

Check out the April 2024 Power BI update to learn about new features.

April Fabric Community Update

Fabric Community Update - April 2024

Find out what's new and trending in the Fabric Community.

View All