AppScan®
Source applications
and projects have corresponding files that maintain configuration
information required for scanning, as well as triage customization.
It is recommended that these files reside in the same directory as
the source code, since configuration information (dependencies, compiler
options, and so forth) required to build the projects is very similar
to that required for AppScan®
Source to scan them
successfully. Best practice includes managing these files with your
source control system.
Applications and projects created in AppScan® Source for
Analysis have a .paf and
.ppf extension respectively. These files are generated when you manually create
and configure an application or project in AppScan® Source for
Analysis, AppScan® Source for
Automation, and the AppScan® Source command line interface.
On Windows™, when you import Visual Studio solutions and
projects into AppScan® Source for
Analysis, AppScan® Source for
Automation, and the AppScan® Source command line interface, files with
.sln.gaf and .vcproj.gpf extensions are created for
them.
Note: As of version 9.0.3.11, AppScan®
Source no longer
supports macOS or iOS Xcode project scanning.
Note: When an Eclipse Importer runs on an Eclipse or Rational® Application
Developer for WebSphere® Software
(RAD) workspace, AppScan®
Source creates intermediate
files with .ewf and .epf extensions.
These files are required for the initial import into AppScan® Source for
Analysis and
for future scans.
Important: If you are working with
an AppScan®
Source project
that has dependencies in a development environment (for example, an IBM® MobileFirst
Platform project),
ensure that you build the project in the development environment before
importing it. After importing the project, if you modify files in
it, be sure to rebuild it in the development environment before scanning
in AppScan®
Source (if
you do not do this, modifications made to files will be ignored by AppScan®
Source).
Table 1. AppScan®
Source files
| AppScan®
Source File Extension |
Description |
| ppf |
- AppScan®
Source project
file
- Generated when you create a project with AppScan® Source for
Analysis or
supported AppScan®
Source utilities
- User-named
|
| paf |
- AppScan®
Source application
file
- Generated when you create an application with AppScan® Source for
Analysis or
supported AppScan®
Source utilities
- User-named
|
| sln.gaf |
|
| vcproj.gpf |
|
| ewf |
- Eclipse workspace file
- Produced when you import an Eclipse workspace into AppScan®
Source
- The Eclipse exporter creates the file based on information in
the Eclipse workspace - AppScan®
Source then imports
the file
|
| epf |
- Eclipse project file
- Produced when an Eclipse project is imported into AppScan®
Source
- The Eclipse exporter creates the file based on information in
the Eclipse project - AppScan®
Source then imports
the file
|
Tip: When you use supported build integration tools (for example, Ounce/Ant or
Ounce/Maven) to generate AppScan®
Source applications and
project files, it is recommended that you update these files in source control as part of your build
automation, to facilitate sharing them across the development team. When a developer updates the
local view of the files in source control, the AppScan®
Source application and project files update as well. This
ensures that the entire team is working with a consistent set of files.
Note: To learn which versions of imported files are supported by
AppScan® Source for
Analysis,
AppScan® Source for
Automation, and the
AppScan® Source command line interface, see
System requirements and installation prerequisites. At this page, select the tab for the version of
AppScan®
Source that
you are using - and then select the
AppScan®
Source
component that you are using. If
AppScan®
Source
supports opening and scanning files from other development environments, that support is listed
in the
Compilers and Languages section of the
Supported
Software tab.