Migrating from Legacy Plugins - Unified Agent
This article describes the differences between legacy Mend plugins and the Unified Agent along with the benefits of migrating to the Unified Agent.
Overview:
The Unified Agent is a Java command-line tool that scans open source components for vulnerable libraries and source files, as well as license compliance, and uploads the results to the Mend web application. The Unified Agent scans 200+ languages (source and binary files), and seamlessly integrates with repositories, multiple package managers, build tools, containerized environments, and CI/CD tools. The Unified Agent is one tool that can be used to cover all Mend supported languages and package managers, simplifying your Mend scanning processes. To find more information on how to use the Unified Agent, review the document Getting Started with the Unified Agent.
The following legacy Mend plugins have been (or are in the process of being) deprecated in favor of the Unified Agent.
Jenkins Plugin
Maven Plugin
NPM Plugin
TeamCity Plugin
Jenkins Plugin
The following chart describes key differences between the Jenkins plugin and the Unified Agent. Note that the Jenkins plugin supports scanning only the package manager Maven and a select group of binary and source files.
For information on integrating the Unified Agent with Jenkins, review the document Jenkins Integration.
Jenkins Plugin | Unified Agent | |
---|---|---|
Package managers | The plugin supports Maven package manager scans. | The Unified Agent supports all package managers supported by Mend. |
Binaries | The plugin supports the following binary extensions: jar, aar, dll, tar.gz, egg, whl, rpm, tar.bz2, tgz, deb, gzip, gem, swf, swc | The Unified Agent supports 27 different binary extensions. |
Source files | The plugin supports the following source file extensions: c, cc, cp, cpp, cxx, c++, go, goc, h, hpp, hxx, m, mm, c#, cs, csharp, java, js, php, py, rb, swift | The Unified Agent supports over 200 source languages and their file extensions. |
Configuration | Not available | Parameters to further configure Maven scans: maven.ignoredScopes maven.ignoreSourceFiles maven.ignoreMvnTreeErrors maven.aggregateModules maven.environmentPath maven.m2RepositoryPath maven.additionalArguments maven.projectNameFromDependencyFile |
Maven Plugin
The following chart describes key differences between the Maven plugin and Unified Agent.
For information on configuring the Unified Agent for Maven projects, review the document Configuring the Unified Agent for Maven.
Maven Plugin | Unified Agent | |
---|---|---|
Package managers | The plugin supports Maven package manager scans. | The Unified Agent supports all package managers supported by Mend. |
Binaries | Not available | The Unified Agent supports 27 different binary extensions. |
Source files | Not available | The Unified Agent supports over 200 source languages and their file extensions. |
Maven version | The plugin supports Maven 3.0.x, 3.1.x and 3.2.x | The Unified Agent supports Maven versions 3.0.x through 3.8.x. |
Configuration | Not available | Parameters to further configure Maven scans: maven.ignoreSourceFiles maven.environmentPath maven.m2RepositoryPath maven.additionalArguments maven.projectNameFromDependencyFile |
NPM Plugin
The following chart describes key differences between the NPM plugin and the Unified Agent.
For information on configuring the Unified Agent for NPM projects, review the document npm and yarn integration
NPM Plugin | Unified Agent | |
---|---|---|
Package managers | The plugin supports NPM package manager scans. | The Unified Agent supports all package managers supported by Mend. |
Binaries | Not available | The Unified Agent supports 27 different binary extensions. |
Source files | Not available | The Unified Agent supports over 200 source languages and their file extensions. |
Requirements | The plugin requires that the command ‘npm install’ be run prior to running the plugin. | The command ‘npm install’ does not need to be run prior to the Unified Agent scan if the parameter ‘npm.runPreStep’ is set to ‘true’ or a package-lock.json file is provided. |
Configuration | Not available | Parameters to further configure npm scans: npm.ignoreDirectoryPatterns npm.ignoreSourceFiles npm.ignoreScripts npm.yarnProject npm.identifyByNameAndVersion npm.yarn.frozenLockfile npm.resolveMainPackageJsonOnly npm.removeDuplicateDependencies npm.resolveAdditionalDependencies npm.resolveLockFile npm.projectNameFromDependencyFile npm.resolveGlobalPackages |
TeamCity Plugin
The following chart describes key differences between the TeamCity plugin and the Unified Agent.
For information on integrating the Unified Agent with TeamCity, review the document TeamCity Integration.
TeamCity Plugin | Unified Agent | |
---|---|---|
Package managers | The plugin supports Maven, Ant or Script runner types. | The Unified Agent supports all package managers supported by Mend. |
Binaries | Not available | The Unified Agent supports 27 different binary extensions. |
Source files | Not available | The Unified Agent supports over 200 source languages and their file extensions. |
Configuration | Not available | Parameters to further configure TeamCity scans: maven.ignoredScopes maven.ignoreSourceFiles maven.ignoreMvnTreeErrors maven.aggregateModules maven.environmentPath maven.m2RepositoryPath maven.additionalArguments maven.projectNameFromDependencyFile |