๐Ÿ“ฆCode Risk Language and Framework Support

This page will be deprecated when all other pages in code risk are completed

Rules Methodology


Arnica's scanners leverage a combination of open source libraries and Arnica's internally maintained Global Rules. This rules framework combines the growth engine of open source contribution and the scan quality of a managed service, resulting in expansive coverage with quality scanning results. Arnica also allows organizations to define custom rules for SAST and Secret scanning, allowing for customized coverage and detection of org specific code or tokens.


Full Language and Framework Support

The following languages and frameworks are supported out of the box within Arnica.

Language/FrameworkSASTSCA/LicenseReputationIaC

.Net

C# is GA

packages.lock.json, packages.config, .deps.json

NuGet

N/A

Azure Resource Manager (ARM)

N/A

N/A

N/A

GA

Bash

Experimental

N/A

N/A

N/A

C

GA

conan.lock

-

N/A

C++

GA

conan.lock

-

N/A

Clojure

Experimental

-

-

N/A

CloudFormation

N/A

N/A

N/A

GA, including AWS SAM

Dart

Experimental

-

-

N/A

Docker

N/A

N/A

N/A

GA

L

Experimental

mix.lock

-

N/A

Go

GA

go.mod

Go

N/A

Helm Charts

N/A

N/A

N/A

GA

HTML

Experimental

N/A

N/A

N/A

Java

GA

Files: JAR, WAR, EAR. Packages: pom.xml, gradle.lockfile

Maven

N/A

JavaScript (including JSX, TSX, TypeScript)

GA

package-lock.json, yarn.lock, pnpm-lock.yaml

NPM

N/A

Jsonnet

Experimental

-

-

N/A

Julia

Experimental

-

-

N/A

Kotlin

Beta

-

-

N/A

Kubernetes

N/A

N/A

N/A

GA

Lisp

Experimental

-

-

N/A

Lua

Experimental

-

-

N/A

OCaml

Experimental

-

-

N/A

PHP

GA

composer.lock

-

N/A

Python

GA

Pipfile.lock, poetry.lock, requirements.txt

PyPi

N/A

R

Experimental

-

-

N/A

Ruby

GA

Gemfile.lock

-

N/A

Rust

Beta

Cargo.lock

Cargo

N/A

Scala

GA

Same as Java

-

N/A

Scheme

Experimental

-

-

N/A

Serverless Framework

N/A

N/A

N/A

GA

Solidity

Experimental

-

-

N/A

Swift

Experimental

-

-

N/A

Terraform

N/A

N/A

N/A

GA: AWS, GCP, Azure and OCI

*Scanning coverage is subject to change base on your tenants tier.

Last updated