Troubleshooting Veracode Software Composition Analysis

Veracode Integrations Security and Troubleshooting

Publication
Veracode Integrations Security and Troubleshooting
Edition date
2022-11-17
Last publication
2022-11-17T20:57:22.572229

This section helps you remedy common problems and understand how better to use Veracode Software Composition Analysis.

Issue Solution
I need to open a support case with Veracode Technical Support. Provide this information to Veracode Technical Support:
  • The package manager and version you are using.
  • The agent CLI, CI, and plugins you use for scanning, and their versions.
  • The environment variables, flags, and directives you use for scanning.
  • Your debug logs, which you can get with any of these commands:
    • In your terminal: srcclr scan --debug
    • In a CI: curl -sSL https://download.sourceclear.com/ci.sh | DEBUG=1 bash
    • In a CI: export DEBUG=1 curl -sSL https://download.sourceclear.com/ci.sh | bash
  • The project you are scanning with the correct directory structure.
  • The command you use to start the scan and answers to these questions:
    • Was your scan only a SRCCLR scan or did you use other environment variables?
    • Did you use a CI script to perform the scan?