Setting up Veracode Software Composition Analysis agent-based scanning for your desktop allows you to view open-source vulnerability and component information for your personal repositories in one central location.
The agent-based scanning command-line interface (CLI) allows the scanning of both your local file system and of repositories located in a source code management system. The agent-based scanning CLI allows highly configurable and scriptable usage.
If you encounter issues with agent-based scanning in your pipeline, you can use the command-line agent to run scans locally for troubleshooting purposes.
Parts and Requirements
- Veracode SCA agent for building, scanning, and sending evidence from repositories to the platform. For full list of requirements for the agent, see Using the Veracode SCA Agent.
The correct requirements depending on the scanned language. To see what those requirements are, select the code language in About Supported Languages and Tools for Agent-Based Scans.