# Language support OpenText Core SCA now supports a broad array of programming languages and package managers, allowing you to scan your code in your native language. Here is the complete list of languages and their level of support:


C# - Nuget, Paket
CycloneDX SBOM
Go - Go Modules, Go Dep, Bazel
Java & Kotlin - Gradle, Maven, Bazel
JavaScript - NPM, Yarn, Bower, pnpm
Objective-C - CocoaPods
PHP - Composer
Python - Pip, Pipenv, UV, poetry
Ruby - RubyGems
Rust - Cargo
Swift - CocoaPods
Linux package managers
Scala - SBT

### Supported file formats and features Following is the complete list of supporting languages, including root dependencies, indirect dependencies, security scanning, and license scanning.

Language	Package manager	Supported file formats	Dependency trees	Root fix	Pull Request	Reachability Analysis	High Performance Scan
C#	Nuget	.csproj	true	true	false	false	Yes
C#	Nuget	package.lock.json	true	true	false	false	Yes*
C#	Nuget	packages.config	true	false	false	false	Yes
C#	Packet	paket.lock	false	false	false	false	Yes*
C#	-	fingerprinted files (.dll, .nupkg and more**)	false	false	false	false	-
CycloneDX SBOM	-	bom.json	true	false	false	false	Yes*
CycloneDX SBOM	-	bom.xml	true	false	false	false	Yes*
Go	Bazel	WORKSPACE	true	true	false	false	-
Go	Bazel	install.json	true	true	false	false	Yes*
Go	Go Modules	go.mod	true	true	false	false	Yes
Go	Go Dep	gopkg.lock	false	false	false	false	Yes*
Java / Kotlin	Gradle	build.gradle	true	true	false	true	Yes
Java / Kotlin	Gradle	build.gradle.kts	true	true	false	true	Yes
Java / Kotlin	Maven	pom.xml	true	true	false	true	Yes
Java / Kotlin	Bazel	WORKSPACE	true	true	false	true	-
Java / Kotlin	Bazel	install.json	true	true	false	true	-
Java / Kotlin	-	fingerprinted files (.jar, .war, pom.xml and more*)	false	false	false	false	-
JavaScript	NPM	package.json	true	true	true	false	Yes
JavaScript	NPM	package.lock.json	true	true	true	false	Yes*
JavaScript	Yarn	package.json	true	true	true	false	Yes
JavaScript	Yarn	yarn.lock	true	true	true	false	Yes*
JavaScript	Bower	bower.json	true	false	false	false	Yes
JavaScript	pnpm	package.json	true	true	true	false	Yes
JavaScript	pnpm	pnpm-lock.yaml	true	true	true	false	Yes*
JavaScript	-	fingerprinted files (.js, .ts and more**)	false	false	false	false	-
Objective-C	CocoaPods	podfile.lock	false	false	false	false	Yes*
PHP	Composer	composer.json	true	false	false	false	Yes
PHP	Composer	composer.lock	true	false	false	false	Yes*
Python	Pip	requirements.txt	true	false	false	false	Yes
Python	Pipenv	Pipfile	false	false	false	false	-
Python	Pipenv	Pipfile.lock	false	false	false	false	-
Python	UV	pyproject.toml	true	false	false	false	Yes
Python	UV	uv.lock	true	false	false	false	Yes*
Python	poetry	pyproject.toml	true	false	false	false	Yes
Python	poetry	poetry.lock	true	false	false	false	Yes*
Python	-	fingerprinted files (.py, .txt, .sh, .c, .egg, .h and more**)	false	false	false	false	-
Ruby	RubyGems	Gemfile.lock	false	false	false	false	Yes*
Rust	Cargo	Cargo.lock	false	false	false	false	Yes*
Swift	CocoaPods	podfile.lock	false	false	false	false	Yes*
Scala	SBT	build.sbt	true	true	false	false	Yes

**\***This is a native lock file format. Native lock file formats are the fastest formats to scan. \*\*When constructing our knowledge base, OpenText Core SCA downloads files, extracts their contents, and creates fingerprints for all file content, except for a few excluded patterns. After that, fingerprints are generated for all the content within each file. For example, OpenText Core SCA specifically matches .dll files used in C# applications and .class files found within .jar files. *For details on scanning Conan (C++) projects with OpenText Core SCA, refer to the topic* [*Scanning Conan (C++) projects*](https://docs.debricked.com/tips-and-tricks/workarounds/scanning-conan-c++-projects)*.*