Veracode SCA Scan for VS Code Prerequisites
Before you can install and use Veracode SCA Scan for VS Code, you must have:
A human user account with the Security Lead, Workspace Administrator, Workspace Editor, or Submitter role.
Configured a Veracode API credentials file with valid API credentials. The extension uses these credentials to authenticate with Veracode, not the SCA agent token.
Obtained a Veracode SCA subscription.
Created a Veracode SCA workspace. If you use My Workspace, it must have an available project slot.
Installed and activated a single SCA workspace agent on your local system. If you have more than one agent installed, you must delete all but one.
- To install a workspace agent, Veracode recommends you create and install the Veracode SCA CLI agent for your operating system.
- You obtain and activate an activation token when you create an agent in the Veracode Platform. To obtain the token for an existing agent in the Veracode Platform, select Scans & Analysis > Software Composition Analysis > Agent-Based Scan > {workspace} > Agents > {agent name}. If you do not see a token for the selected agent, you can generate a new one.
- The SCA agent requires that your project is either in a Git-based repository or you have configured a source code management (SCM) environment variable, such as
SRCCLR_NO_GIT=1
.
Installed a supported version of VS Code.
Installed a supported package manager.