View your SCA Reachability Results in the Legacy SCA Application UI
Overview
Viewing results in the Legacy SCA UI
In the Legacy SCA application’s user interface, reachable vulnerabilities will be denoted by a RED shield while unreachable vulnerabilities will be denoted by a GREEN shield. This behavior will remain consistent for Reachability results coming from both Mend CLI scans and GitHub repo integration scans.
The Reachability data is available in the Security Alerts: View By Vulnerability report.
Reference
Mend SCA Reachability - supported languages
Language | Package Manager | Details |
|---|---|---|
.NET | NuGet | Configuration file(s): .nuspec, packages.config, .csproj, project.assets.json, packages.lock.json |
Java | Gradle | Configuration file(s): build.gradle, settings.gradle |
Java | Maven | Configuration file(s): pom.xml, settings.xml |
JavaScript | npm | Configuration file(s): package.json, package-lock.json |
JavaScript | Yarn | Configuration file(s): package.json, yarn.lock |
JavaScript | Lerna | Configuration file(s): |
JavaScript | pnpm | Configuration file(s): |
Python | Conda | Configuration file(s): |
Python | pip | Configuration file(s): requirements.txt |
Python | Pipenv | Configuration file(s): Pipfile & Pipfile.lock |
Python | Poetry | Configuration file(s): pyproject.toml, poetry.lock |
Supported versions of each language or package manager are listed here.
Mend Reachability - tested environments
The following operating systems were tested for scanning dependencies for reachability with Mend CLI.
OS | Version |
|---|---|
MacOS | 12 |
Ubuntu | 22.04 |
Windows Server | 2022 |