2022 year 6 month 29 Japan ,OpenSCA The new version v1.0.7 Official release , The heavyweight function is continuously updated , Meet more needs of users .
1. v1.0.7 Update the content
New support Python Open source component detection of language
newly added Gradle Static parsing of package management tools
Optimize the display effect of the same component when checking out different paths
2. Update instructions
(1) New support Python Open source component detection of language
In this version , We add an important function , Support Python Language pip Of package management tools pipfile、pipfile.lock and setup.py Open source component detection of feature files .
(2) newly added Gradle Static parsing of package management tools
New support in this version Gradle Static parsing of , When you can't use Gradle Static parsing method will be used in dynamic parsing , This method can be independent of Gradle Package management tools .
(3) Optimize the display effect of the same component when checking out different paths
When the same component is checked out in multiple paths , A component will be displayed in the test results , In the “ Check out path ” Multiple paths will be listed and displayed in the function module .
3. Detection capability
at present OpenSCA The package manager and related configuration files corresponding to the following programming languages are supported to be parsed :
Participation and contribution , Build open source projects
Thank every member of the open source community for OpenSCA Your support and contribution . We encourage more partners to participate in OpenSCA In the construction of open source projects , Become an open source contributor , Any suggestions can be posted in the comment area or Gitee、GitHub On OpenSCA Project Issues in . Let's embrace open source , Build an open-source and safe ecosystem , Promote the healthy development of open source industry .
OpenSCA It's under the safety flag of hanging mirror Yuanjian OSS Open source version of open source threat control products , Inherited Yuanjian OSS Multiple sources of SCA Open source application security defect detection and other core capabilities .
OpenSCA Do open source risk management in an open source way , Committed to being the escort of software supply chain security , Protect the security of China's software supply chain .
OpenSCA Your code will be in GitHub and Gitee Continuous iteration , welcome Star and PR, Become our open source contributor , You can also submit questions or suggestions to Issues. We will refer to your suggestions and constantly improve OpenSCA Open source project , Please look forward to the support of more functions .
GitHub:
https://github.com/XmirrorSecurity/OpenSCA-cli/
Gitee:
https://gitee.com/XmirrorSecurity/OpenSCA-cli/
OpenSCA Official website :
https://opensca.xmirror.cn/
Welcome to scan the code and contact Xiaojing
Join in OpenSCA Community technology exchange group
