JavaScript SCA agent-based scanning
You can find vulnerabilities in your JavaScript applications using Veracode Software Composition Analysis agent-based scanning. You can run a scan on NPM, Yarn and Bower repositories using the agent-based scanning command-line interface or the CI integrations.
For packaging instructions for Veracode Static Analysis and Veracode SCA upload scans, see Packaging JavaScript and TypeScript applications.