View your SCA Reachability Results in the Core Application UI
Overview
Viewing results in the SCA Core UI
In the Core application’s user interface, reachable vulnerabilities will be denoted by a RED shield while unreachable vulnerabilities will be denoted by a GREEN shield. This behavior will remain consistent for Reachability results coming from both Mend CLI scans and GitHub repo integration scans.
The Reachability data is available in the Security Alerts: View By Vulnerability report.
Reference
Mend SCA Reachability - supported languages
Language | Package Manager | Details |
|---|---|---|
DotNet | Nuget | Configuration file(s): .nuspec, packages.config, .csproj, project.assets.json, packages.lock.json |
Java | Gradle | Configuration file(s): build.gradle, settings.gradle |
Java | Maven | Configuration file(s): pom.xml, settings.xml |
JavaScript | npm | Configuration file(s): package.json, package-lock.json |
JavaScript | Yarn | Configuration file(s): package.json, yarn.lock |
JavaScript | Lerna (repo only) | Configuration file(s): |
JavaScript | pnpm (repo only) | Configuration file(s): |
Python | pip | Configuration file(s): requirements.txt |
Python | Pipenv | Configuration file(s): Pipfile & Pipfile.lock |
Python | Poetry | Configuration file(s): pyproject.toml, poetry.lock |
Supported versions of each language or package manager are listed here.
Mend Reachability - tested environments
The following operating systems were tested for scanning dependencies for reachability with Mend CLI.
OS | Version |
|---|---|
MacOS | 12 |
Ubuntu | 22.04 |
Windows Server | 2022 |