Help Center/ CodeArts Governance/ User Guide/ Software Composition Analysis (SCA)
Updated on 2025-06-05 GMT+08:00

Software Composition Analysis (SCA)

This page displays the asset information and latest analysis result.

  • My Assets

    The numbers of software packages scanned in the last 30 days, risky packages, and scan jobs in progress are displayed.

  • Top 5 Components by Risks

    The component name, version, language type, version time, number of vulnerabilities, number of critical and high-risk vulnerabilities, integration risks, and number of references are displayed.

  • Last Binary SCA

    Table 1 lists detailed information.

    Table 1 Parameters

    Parameter

    Description

    Scan File

    The scanned software package or firmware. Click it to check the scan job details.

    File Size

    Size of the scanned file.

    Started

    Time when the scan began.

    Duration

    Duration of the scan.

    Status

    The job can be in the Waiting, In progress, Completed, Stopped, or Failed status.

    Risks

    The number of risks of each check item.

    Vulnerability Severity

    The number of vulnerabilities by severity. The severity can be Critical, High, Medium, or Low.

    Compliance (Passed/Total Check Items)

    The ratio of passed check items to the total check items.

    Most Used Licenses

    Six licenses that are mostly used.