Skip to main content

Configure the update advisor for Veracode SCA

The update advisor provides a safe version to which Veracode recommends you update your libraries with agent-based scanning. If you configure it in your build automation script, it also indicates if the update might break a build.

note

The update advisor determines the potential of breaking a build only for Java, .NET, Python, and Ruby libraries.

To complete this task:

  1. Add the --update-advisor argument to your build script. For example:

    EXTRA_ARGS='--update-advisor'

  2. Add the argument to the scan command.

    • If you scan with a CI tool, add the argument to the build script for your Veracode SCA agent-based scanning project. For example:

      curl -sSL https://download.sourceclear.com/ci.sh | bash -s – scan $EXTRA_ARGS

    • If you scan on your local machine with the Veracode SCA agent, add the argument in your agent.yml file. For example:

      srcclr scan <example_path>/example-java-maven --EXTRA_ARGS

Next steps:

After you perform a scan with the update advisor enabled, your results include a Breaking Update column in the Update Advisor section.