Product

Extended Dependency Detection

Ostorlab now supports uploading an SBOM or Lockfile for extended dependency detection.

Tue 18 July 2023

We are excited to announce that Ostorlab now supports uploading an SBOM or Lockfile for extended dependency detection.

Create a scan with an SBOM or Lockfile

Supported Files

The platform supports an extensive list of SBOM and Lockfiles.

  • SPDX
  • CycloneDX
  • gradle.lockfile
  • pubspec.lock
  • buildscript-gradle.lockfile
  • pnpm-lock.yaml
  • package-lock.json
  • packages.lock.json
  • pom.xml
  • Gemfile.lock
  • yarn.lock
  • Cargo.lock
  • composer.lock
  • conan.lock
  • mix.lock
  • go.mod
  • requirements.txt
  • Pipfile.lock
  • poetry.lock

To get started, refer to the detailed steps provided in our integration documentation here.

Tags:

security, osv

We do newsletters, too

Get the latest news, updates, and product innovations from Ostorlab right in your inbox.

Table of Contents