Language support
See the full list of the languages and package managers currently supported by OpenText Core SCA.
Last updated
Was this helpful?
See the full list of the languages and package managers currently supported by OpenText Core SCA.
Last updated
Was this helpful?
OpenText Core SCA now supports a broad array of programming languages and package managers, allowing you to scan your code in your native language. Here is the complete list of languages and their level of support:
Following is the complete list of supporting languages, including root dependencies, indirect dependencies, security scanning, and license scanning.
C#
Nuget
.csproj
Yes
C#
Nuget
package.lock.json
Yes*
C#
Nuget
packages.config
Yes
C#
Packet
paket.lock
Yes*
C#
-
fingerprinted files (.dll, .nupkg and more**)
-
CycloneDX SBOM
-
bom.json
Yes*
CycloneDX SBOM
-
bom.xml
Yes*
Go
Bazel
WORKSPACE
-
Go
Bazel
install.json
Yes*
Go
Go Modules
go.mod
Yes
Go
Go Dep
gopkg.lock
Yes*
Java / Kotlin
Gradle
build.gradle
Yes
Java / Kotlin
Gradle
build.gradle.kts
Yes
Java / Kotlin
Maven
pom.xml
Yes
Java / Kotlin
Bazel
WORKSPACE
-
Java / Kotlin
Bazel
install.json
-
Java / Kotlin
-
fingerprinted files (.jar, .war, pom.xml and more*)
-
JavaScript
NPM
package.json
Yes
JavaScript
NPM
package.lock.json
Yes*
JavaScript
Yarn
package.json
Yes
JavaScript
Yarn
yarn.lock
Yes*
JavaScript
Bower
bower.json
Yes
JavaScript
-
fingerprinted files (.js, .ts and more**)
-
Objective-C
CocoaPods
podfile.lock
Yes*
PHP
Composer
composer.json
Yes
PHP
Composer
composer.lock
Yes*
Python
Pip
requirements.txt
Yes
Python
Pipenv
Pipfile
-
Python
Pipenv
Pipfile.lock
-
Python
-
fingerprinted files (.py, .txt, .sh, .c, .egg, .h and more**)
-
Ruby
RubyGems
Gemfile.lock
Yes*
Rust
Cargo
Cargo.lock
Yes*
Swift
CocoaPods
podfile.lock
Yes*
Scala
SBT
build.sbt
Yes
*This is a native lock file format. Native lock file formats are the fastest formats to scan.
**When constructing our knowledge base, OpenText Core SCA downloads files, extracts their contents, and creates fingerprints for all file content, except for a few excluded patterns. After that, fingerprints are generated for all the content within each file. For example, OpenText Core SCA specifically matches .dll files used in C# applications and .class files found within .jar files.