This section helps you remedy common problems and understand how better to use Veracode Software Composition Analysis.
Issue |
Solution |
I need to open a support case with Veracode Technical Support. |
Provide this information to Veracode Technical Support:
- The package manager and version you are using.
- The agent CLI, CI, and plugins you use for scanning, and their versions.
- The environment variables, flags, and directives you use for scanning.
- Your debug logs, which you can get with any of these commands:
- In your terminal:
srcclr scan --debug
- In a CI:
curl -sSL https://download.sourceclear.com/ci.sh | DEBUG=1 bash
- In a CI:
export DEBUG=1 curl -sSL https://download.sourceclear.com/ci.sh | bash
- The project you are scanning with the correct directory structure.
- The command you use to start the scan and answers to these questions:
- Was your scan only a SRCCLR scan or did you use other environment variables?
- Did you use a CI script to perform the scan?
|