Drupal Application Analysis


The Drupal coordinate based matching feature provides the ability to scan and evaluate  Drupal extensions (modules and themes).

What is supported

Files named drupal-components.csv  (comma separated list of Drupal extensions) will be analyzed

What do we parse from the file?

Only the extension name (value in parentheses) and version of each extension are evaluated, for example:

Automated Cron (automated_cron),8.7.10

Integrations with Drupal scanning support

  • CLI from version 90
  • Jenkins from version 3.9.20200623-110149.2e546a0
  • Bamboo from version 1.16.0

Steps to analyze using the CLI

Create drupal-components.csv file

Run the drush pm-list command and pipe results to a csv file.

drush pm-list --fields=name,version --status=enabled --format=csv > drupal-components.csv

Example drupal-components.csv file 

Automated Cron (automated_cron),8.7.10
Simplenews (simplenews),2.0.0
Crumbs (crumbs),2.2.0
Course (course),6.0.0

Run a scan

Invoke a CLI scan of a directory or subdirectories containing a drupal-components.csv file.  Instructions on how to do this can be found here: Nexus IQ CLI.

Output from cli

Dashboard results

Report results