Scanning DLLs

How to detect and scan DLLs

A specific plugin can be activated in order to scan DLLs in .NET project using the parameter --process-dlls

When activated the scanner will find all DLLs present in the codebase and by inspecting the binary it will detect the name of the component, the version and the copyright/license information associated to it. These information will then be used by the analyzer and presented as findings in the reports. This is particularly relevant when using commercially licensed solutions, like Infragistics or Telerik, that are normally not detected by other tools. Meterian is also able to match the DLL with the related NuGet component, when available, to avoid duplication and false positives.

it is possible to exclude folders from this analysis using the standard exclusion system or using a specific set of inclusion/exclusions that wlll be used only for the DLL plugin, using two specific controls for .NET.

Last updated