How do I enable transitive dependencies for my SBOM?

Lee Chickering
Lee Chickering

Ketryx built-in dependency scanning currently only supports direct dependencies of a project, e.g. top-level dependencies. To enable transitive dependency management, you'll need to perform the following steps:

  1. Using the Build API, submit SPDX (Software Package Data Exchange) files in JSON format that contain all dependencies of a project, including transitive dependencies.
  2. Additionally, as the organization owner, you will need to enable transitive dependencies in your advanced settings.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request



Article is closed for comments.