When a series of python files (.py) with import statements are scanned , third party components are not getting detected.
Details
For third-party component detection, python dependencies are gathered by the analyzer from the following files: requirements.txt and setup.py. One of these files should be present in the folder that is scanned. The requirements.txt file will have versions details of the components which are crucial for getting CVE info.
- Check whether requirements.txt and setup.py are part of the analysis.
- Upgrade to the latest version of Highlight
Ticket
27319, 50757
Comments