CAST HIGHLIGHT - SCA - Python dependencies are not getting detected

When a series of python files (.py) with import statements are scanned , third party components are not getting detected. 

Details

For third-party component detection, python dependencies are gathered by the analyzer from the following files: requirements.txt and setup.py. One of these files should be present in the folder that is  scanned. The requirements.txt file will have  versions details of the components which are crucial for getting CVE info. 

  1. Check whether requirements.txt and setup.py are part of the analysis.
  2. Upgrade to the latest version of Highlight

Ticket

27319, 50757

Have more questions? Submit a request

Comments

Powered by Zendesk