Getting error while running fortify scan for dotnet framework 4.7.1

Question

I have installed fortify HPE_Security_Fortify_SCA_and_Apps_17.20_Windows and using visual studio plugin for 2017. I have created a sample console application in dotnet framework 4.7.1. I am getting the following error (however I have tried same sample application in framework 4.6, 4.6.1, 4.6.2 and scan is working fine)-

Fortify SCA...
Running: CLEAN :  "-b"  "FortifySCA"  "-clean" 
Running: TRANSLATE :  -dotnet-version 4.7.1   @"C:\Users\test\AppData\Local\Fortify\VS-15.0-17.20\FortifySCA\Dotnet.4.6_Build.txt"
[error]: Invalid parameter 4.7.1 for command line argument -dotnet-version
Fortify Static Code Analyzer 17.20.0183
Copyright (c) 2003-2017 Hewlett Packard Enterprise Development LP
For command-line help, type 'sourceanalyzer -h'
Running: SCAN :  "-scan"   @"C:\Users\test\AppData\Local\Fortify\VS-15.0-17.20\FortifySCA\FortifySCA_Scan.txt"
[error]: Unable to load build session with ID "FortifySCA". See log file for more details.

Appreciate your help.

Thanks Anup Das Gupta

Answer 1

Fortify 17.20 only includes support for .NET 4.7, not .NET 4.7.1, making .NET 4.7 the latest framework version that is able to be scanned. Documentation link.

Answer 2

Unable to load build session with ID error message has been thrown for many versions now if Fortify does not support the project's version of .NET Framework. Download and install the latest version of Fortify Source Code Analyzer and scan again. Be sure to close Visual Studio first.

Happened to me after upgrading a Visual Studio solution from .NET Core 2.2 (aka netcoreapp2.2 in csproj) to .NET Core 3.1 netcoreapp3.1. Removing Fortify 19.2 and installing 20.1 did the trick.