Drupal Application Analysis

NEW IN RELEASE 90

The Drupal coordinate based matching feature provides the ability to scan and evaluate Drupal extensions (modules and themes).

What is supported

Files named drupal-components.csv (comma separated list of Drupal extensions) will be analyzed.

What do we parse from the file?

Only the extension name (value in parentheses) and version of each extension are evaluated, for example:

Automated Cron (automated_cron),8.7.10

Integrations with Drupal scanning support

CLI from version 90
Jenkins from version 3.9.20200623-110149.2e546a0
Bamboo from version 1.16.0

Steps to analyze using the CLI

Create drupal-components.csv file

Run the drush pm-list command and pipe results to a csv file.

drush pm-list --fields=name,version --status=enabled --format=csv > drupal-components.csv

Example drupal-components.csv file

Automated Cron (automated_cron),8.7.10
Simplenews (simplenews),2.0.0
Crumbs (crumbs),2.2.0
Course (course),6.0.0

Run a scan

Invoke a CLI scan of a directory or subdirectories containing a drupal-components.csv file. Instructions on how to do this can be found here: Nexus IQ CLI.