Configure the Update Advisor for Veracode SCA
With agent-based scanning, the update advisor provides the safe version to which Veracode recommends you update your libraries. If you configure it in your build automation script, it also indicates whether the update might break a build.
The update advisor determines the potential of breaking a build only for Java, .NET, Python, and Ruby libraries.
To complete this task:
Add the --update-advisor argument to your build script. For example:
If you scan with a CI tool, add the argument to the build script for your Veracode SCA agent-based scanning project. For example:
curl -sSL https://download.sourceclear.com/ci.sh | bash -s -- scan $EXTRA_ARGS
If you scan on your local machine with the Veracode SCA agent, add the argument in your agent.yml file. For example:
srcclr scan <example_path>/example-java-maven --EXTRA_ARGS
After you perform a scan with the update advisor enabled, your results include a Breaking Update column in the Update Advisor section.