C/C++ Dependency Scanning

Problem to solve

There's currently no dependency scanning for C/C++ dependencies.

Intended users

  • Parker (Product Manager)
  • Delaney (Development Team Lead)
  • Sasha (Software Developer)
  • Sam (Security Analyst)

Others:

  • Compliance and regulation professionals and engineers
  • Risk managers and analysts

Further details

This would provide an extra layer of security visibility for our C/C++ users and assist those in regulated industries (such as medical device development) with compliance and risk management. For example, this feature could help organizations meet HIPAA and IEC 62304 risk management requirements.

Common C/C++ package managers include:

  • Conan.io: https://github.com/conan-io/conan
  • vcpkg: https://docs.microsoft.com/en-us/cpp/vcpkg?view=vs-2017
  • Buckaroo: https://github.com/LoopPerfect/buckaroo

Proposal

Add support for C/C++ dependency scanning.

Edited Mar 19, 2019 by Luka Trbojevic