Agent-Based Scan Language Support Matrix
This table identifies the functionality available to each language and package manager that Veracode Software Composition Analysis agents support.
Language | Package Manager | Quick Scan (Level 1) | Full Scan (Level 2) | Vulnerable Methods Scan (Level 3) |
---|---|---|---|---|
Java | Maven | X | X | |
Gradle | X | X | ||
Ant | X | X | ||
Jars | X | X | X | |
Scala | SBT | X | ||
Kotlin | Maven | X | X | |
Gradle | X | X | ||
Go | Trash | X | X | |
Glide | X | X | ||
GoVendor | X | X | ||
GoDep | X | X | ||
go get | X | |||
Go modules | X | X | ||
Dep | X | X | ||
Python | pip | X | X | |
Pipenv | X | X | X | |
JavaScript | NPM | X | X | X |
Yarn | X | X | X | |
Bower | X | X | ||
Objective-C | CocoaPods | X | X | |
Swift | CocoaPods | X | X | |
Ruby | Bundler | X | X | X |
PHP | Composer | X | X | |
C/C++ | Make | X | ||
C#/.NET | NuGet | X | X | |
DLL | X | X | X |
Additionally, Veracode SCA agents support quick scans and full scans of Android Archive (AAR) files in Android projects.