Setting up Veracode Software Composition Analysis agent-based scanning for your desktop allows you to view open-source vulnerability and component information for your personal repositories in one central location.
The agent-based scanning command-line interface (CLI) allows the scanning of both your local file system and of repositories located in a source code management system. The agent-based scanning CLI allows highly configurable and scriptable usage.
If you encounter issues with agent-based scanning in your pipeline, you can use the command-line agent to run scans locally for troubleshooting purposes.
Parts and requirements
- Veracode SCA agent for building, scanning, and sending evidence from repositories to the platform. For full list of requirements for the agent, see Using the Veracode SCA agent.
- The correct requirements depend on the scanned language. To see what those requirements are, see the agent-based scan support matrix.