Unsupported frameworks: veracode scan issue

[salimkt]

Unsupported Frameworks This report may have incomplete results based on the following unsupported frameworks identified during the static scan:

* The iOS application at Demojhbknkml_zip/ios/AmazonChimeSDK.xcframework/ios-
arm64_armv7/AmazonChimeSDK.framework/AmazonChimeSDK was not packaged in an **IPA archive**. Repackage it according to
the Veracode compilation guidelines before resubmitting.
* The iOS application at Demojhbknkml_zip/ios/AmazonChimeSDKMedia.xcframework/ios-
arm64_armv7/AmazonChimeSDKMedia.framework/AmazonChimeSDKMedia was not packaged in an IPA archive. Repackage it according to the Veracode compilation guidelines before resubmitting.

The lack of support for all frameworks in use by this application and/or its supporting libraries may prevent the static discovery of some flaws in the application, however, it does not invalidate the flaws that were found.

Is there any solutions to overcome this issue.

[hokyungh]

Thanks for reporting. Would you be able to provide version that it is not working? Also Veracode looks like a third party solution, so you might need to provide little more details on what it is expecting or if it is bug in how we package it.

[PaulGobin]

Veracode ( https://www.veracode.com/ ) is used in our company for static (and dynamic) scanning of all of our software to determine any security flaws and or compliance. Not that our code isn't working, but it's being flagged as out of compliance per the below

On Wed, Jun 14, 2023 at 11:01 AM Nick Hwang @.***> wrote:

Thanks for reporting. Would you be able to provide version that it is not working? Also Veracode looks like a third party solution, so you might need to provide little more details on what it is expecting or if it is bug in how we package it.

— Reply to this email directly, view it on GitHub https://github.com/aws-samples/amazon-chime-react-native-demo/issues/188#issuecomment-1591409598, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACHPTOLJG4DYBKOJX2I74LDXLHG57ANCNFSM6AAAAAAZGFAJIY . You are receiving this because you are subscribed to this thread.Message ID: <aws-samples/amazon-chime-react-native-demo/issues/188/1591409598@ github.com>

-- --Thank You Paul Gobin

[salimkt]

Thanks for reporting. Would you be able to provide version that it is not working? Also Veracode looks like a third party solution, so you might need to provide little more details on what it is expecting or if it is bug in how we package it.

We use AmazonChimeSDKMedia-0.17.7 AmazonChimeSDK-0.22.3

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[dylonChime]

From a quick search of Veracode docs, it seems these instructions need to be followed since the scanner only accepts IPA and not xcframework files. I hope that helps. If not, feel free to reopen.