Yes! Outside of the built-in dependency scanner languages, Ketryx is able to support C#, C++, R and other languages not accounted for in built-in scanning using our SPDX functionality.
Ketryx can scan SPDX files, reported to Ketryx via the Build API, to extract information about software packages, including version, license, and advisory information (introduced in SPDX version 2.3), and checks direct and indirect (transitive) dependencies for vulnerabilities. Ketryx parses the SPDX file and creates corresponding dependencies as defined within these files.
Ketryx supports SPDX files in JSON format, of the Version 2.2 and 2.3 of the SPDX specification. Such SPDX files can be generated with a variety of tools (see documentation).
- C# - Both Snyk and FOSSA can scan for C# dependencies.
- C/ C++ - is supported by FOSSA
- R - unclear which scanners if any support R.
A full list of languages supported by Synk and other scanning tools can be found on their websites.
Comments
0 comments
Article is closed for comments.