Meterian
Meterian
Meterian
Meterian
Meterian
The client
Meterian Thin Client
Using the client from your command line
Using the client in your CI/CD pipeline
General operations
Specific controls
System requirements
The Dockerized Client
THE METERIAN DASHBOARD
The Web Dashboard
Advanced functionalities
Sentinel - Meterian Notifications service
Troubleshooting
Github Badges
Introduction
Public repository
Private repository
ONLINE INTEGRATIONS
GitHub Action
Bitbucket Pipe
Azure DevOps Pipelines
Languages support
Introduction
Java/Kotlin/Scala
NodeJS
Javascript
Python
Ruby
PHP
.NET
Golang
Swift / Objective-C
Rust
Elixir (erlang)
Perl
Special platfoms
Jupyter Notebooks
Containers support
Container Scanner
CI SERVER INTEGRATIONS
Introduction
Generic CI
Jenkins
Azure DevOps
Bamboo
TravisCI
CircleCI
TeamCity
GitLabCICD
CodeShip
AWS CodeBuild
Meterian API
API basics
Authorizing the APIs
Account APIs
Samples
Management Platforms
Threadfix
DefectDojo
Powered by GitBook

.NET

The .NET analyser is triggered by different conditions:

  1. a “packages.config” is found in the root folder

  2. a “packages” subfolder is found in the root folder

  3. a “.csproj” file is found in the root folder

  4. a "paket.dependencies" and "paket.lock" in the root folder (used by the Paket package manager)

In cases 1 and 2 the client will just collect the dependencies from the locations. In this case it's important that the information is up to date, otherwise, the client will collect stale data that will most probably lead to a wrong analysis.

In case 3 the client will trigger a “dotnet restore” and then collect the dependencies. Please note that, in this situation, the restore command has to succeed. It's important to be aware that in this situation multiple projects may be present under the same main root project folder, so you may need to instruct the client to run multiple times. This is not happening automatically because, at this time, there's no clear way to distinguish test subprojects (which are not shipped) from the non-test elements.

In case 4 (Paket) the client will load the dependency tree directly from the Paket manifest files.

When using the thin client, the required tools may have to be installed and configured (dotnet). This is not required when using the dockerized client.

This analyser cannot work remotely

Languages support - Previous
PHP
Next - Languages support
Golang
Last updated 3 months ago