Help Center/ CodeArts Governance/ Getting Started/ Creating a Binary SCA Job
Updated on 2025-06-06 GMT+08:00

Creating a Binary SCA Job

This section introduces how to create a binary scan job and check the scan report to help you get started.

Prerequisites

Constraints

  • Files in the following formats can be scanned: .zip, .rar, .tar, .tar.gz, .jar, .apk, .hap, .so, .gz, .gzip, and so on
  • The file name can contain only letters, digits, spaces, underscores (_), hyphens (-), and periods (.).
  • The file name can contain a maximum of 100 characters.
  • Describe the job within 200 characters.
  • The file size cannot exceed 5 GB (300 MB for free trial jobs).

Creating a Scan Job

  1. Log in to the CodeArts Governance console.
  2. In the navigation pane on the left, choose SCA > Binary SCA.
  3. Click Create Job. In the displayed dialog box, click Scan File. Upload a local software package or firmware.

    Table 1 Parameters

    Parameter

    Description

    Scan File

    The software package and firmware to be scanned

    Job

    Name of the file to be scanned

    Description

    Description of the job

    Upgrade this scan to Professional.

    This is shown when your free package has remaining scanning quota and yearly/monthly billing is not used.

    • Disabled: The Free edition will be used for this scan job.
    • Enabled: The Professional edition will be used for this scan job. After the upgrade, you can check complete scan results, export the report, and upload a file up to 5 GB. For frequent scans, yearly/monthly packages are recommended.

  4. Click OK and wait for the job to complete. Note that the scan duration is subject to the package size and code size.

    If the job is Failed, refer to What Can I Do If a Binary SCA Job Fails?

Checking the Scan Result

  1. On the Binary SCA page, check all jobs.
  2. Click a job name to check its report. Alternatively, click View Report in the Operation column of the job. This page shows the Basic Info, Open-Source Software Vulnerabilities, Open-Source License, Key and Info Leakage, Secure Compiler Options, and Security Configurations.

    Figure 1 Report details

  3. Click Download Report in the upper right corner and choose to download a PDF or an Excel file accordingly. Click Generate SBOM Report to generate a software bill of materials (SBOM) report.
  4. Download a PDF or Excel report by clicking Download Report in the upper right corner.

    The report includes the job and result overview and lists the components, vulnerabilities, keys, information leakage issues, secure compiler option issues, and security configuration issues.

  5. Click Generate SBOM Report to generate a software bill of materials (SBOM) report.