Introducing Dart Language Support for MergeBase’s SCA Tool

Introducing Dart Support

MergeBase’s SCA tool now supports Dart, enabling developers to scan and secure mobile applications written in the Dart language or built using Flutter, a popular UI Software Development Kit for building natively compiled applications for mobile, web, and desktop from a single codebase.

An innovative and effective way to build high-quality mobile applications, Dart is a popular language for good reason, and MergeBase is proud to be the first software supply chain solution with Dart support.

Find and reduce risks in your Dart application with MergeBase today.

Mobile DevSecOps misconceptions & Dart vulnerabilities

Many assume that because mobile apps tend to be more secure than desktop applications, DevSecOps tools, processes, and security policies aren’t necessary. This is a dangerous assumption on which to base your mobile security practices.

While it’s true that mobile app languages, on average, have fewer vulnerabilities (particularly Swift), software vulnerabilities do still exist. As people increasingly look to mobile apps to do everything from ordering takeout to online banking and the amount of personal data available to potential attackers grows, so does the importance of strengthening mobile app security.

Mobile applications are subject to the same security policies as desktop applications. If your company, for example, requires that no application have known vulnerabilities with a severity level of 7 or higher, you need to ensure that your mobile app complies. The best way to do this is through routine testing.

That’s where MergeBase comes in.

Why MergeBase?

MergeBase is the first complete software supply chain solution with Dart support, and we’re committed to Dart moving forward. (If you have any suggestions or ideas on how we can strengthen our Dart support, we’d love to hear them.)

The MergeBase Dart scanner offers teams a full-featured, developer-orientated SCA solution that combines the lowest false positives with complete DevOps coverage to secure your entire application development lifecycle from coding through to deployment.

The Dart SCA tool quickly and accurately scans an application’s codebase to detect vulnerable components and dependencies and offers in-platform developer guidance to accelerate fixes. MergeBase plans also give you access to our complete SBOM solution, allowing you to create, scan, and manage SBOMs in minutes to maintain project compliance.

Want to learn more? Talk to one of our developers today.