Dependency Scanning analyzes your application's dependencies for known vulnerabilities. All dependencies are scanned, including transitive dependencies, also known as nested dependencies. Dependency Scanning is often considered part of Software Composition Analysis (SCA). SCA can contain aspects of inspecting the items your code uses.