Language Support

See the full list of the languages and package managers currently supported by Debricked.

Debricked currently supports a wide range of programming languages and package managers, allowing you to scan your code in the language you natively use. Here you can find the full list of languages and their level of support:

Nuget & Paket

CycloneDX SBOM

Go Modules, Go Dep, Bazel

Java & Kotlin

Gradle, Maven, Bazel

JavaScript / Typescript

NPM, Yarn, Bower

CocoaPods

Composer

Pip, Pipenv

RubyGems

Cargo

CocoaPods

Linux Package Managers

Supported file formats and features

We currently support all languages listed below, with support for root dependencies, indirect dependencies, security scanning, and license scanning.

Language	Package Manager	Supported File Formats	High Performance Scan
C#	Nuget	.csproj	Yes
C#	Nuget	package.lock.json	Yes*
C#	Nuget	packages.config	Yes
C#	Packet	paket.lock	Yes*
C#	-	fingerprinted files (.dll, .nupkg and more**)	-
CycloneDX SBOM	-	bom.json	Yes*
CycloneDX SBOM	-	bom.xml	Yes*
Go	Bazel	WORKSPACE	-
Go	Bazel	install.json	Yes*
Go	Go Modules	go.mod	Yes
Go	Go Dep	gopkg.lock	Yes*
Java / Kotlin	Gradle	build.gradle	Yes
Java / Kotlin	Gradle	build.gradle.kts	Yes
Java / Kotlin	Maven	pom.xml	Yes
Java / Kotlin	Bazel	WORKSPACE	-
Java / Kotlin	Bazel	install.json	-
Java / Kotlin	-	fingerprinted files (.jar, .war, pom.xml and more*)	-
JavaScript	NPM	package.json	Yes
JavaScript	NPM	package.lock.json	Yes*
JavaScript	Yarn	package.json	Yes
JavaScript	Yarn	yarn.lock	Yes*
JavaScript	Bower	bower.json	Yes
Objective-C	CocoaPods	podfile.lock	Yes*
PHP	Composer	composer.json	Yes
PHP	Composer	composer.lock	Yes*
Python	Pip	requirements.txt	Yes
Python	Pipenv	Pipfile	-
Python	Pipenv	Pipfile.lock	-
Ruby	RubyGems	Gemfile.lock	Yes*
Rust	Cargo	Cargo.lock	Yes*
Swift	CocoaPods	podfile.lock	Yes*

Language

Package Manager

Supported File Formats

Dependency trees

Root Fix

Pull Request

Vulnerable Functionality

High Performance Scan

Nuget

.csproj

Yes

Nuget

package.lock.json

Yes*

Nuget

packages.config

Yes

Packet

paket.lock

Yes*

fingerprinted files (.dll, .nupkg and more**)

CycloneDX SBOM

bom.json

Yes*

CycloneDX SBOM

bom.xml

Yes*

Bazel

WORKSPACE

Bazel

install.json

Yes*

Go Modules

go.mod

Yes

Go Dep

gopkg.lock

Yes*

Java / Kotlin

Gradle

build.gradle

Yes

Java / Kotlin

Gradle

build.gradle.kts

Yes

Java / Kotlin

Maven

pom.xml

Yes

Java / Kotlin

Bazel

WORKSPACE

Java / Kotlin

Bazel

install.json

Java / Kotlin

fingerprinted files (.jar, .war, pom.xml and more*)

JavaScript

NPM

package.json

Yes

JavaScript

NPM

package.lock.json

Yes*

JavaScript

Yarn

package.json

Yes

JavaScript

Yarn

yarn.lock

Yes*

JavaScript

Bower

bower.json

Yes

Objective-C

CocoaPods

podfile.lock

Yes*

PHP

Composer

composer.json

Yes

PHP

Composer

composer.lock

Yes*

Python

Pip

requirements.txt

Yes

Python

Pipenv

Pipfile

Python

Pipenv

Pipfile.lock

Ruby

RubyGems

Gemfile.lock

Yes*

Rust

Cargo

Cargo.lock

Yes*

Swift

CocoaPods

podfile.lock

Yes*

*This is a native lock file format. Native lock file formats are the fastest formats to scan.

**When building our knowledge base, we download files, unpack them, and fingerprint all file contents besides a few excluded patterns. This is a list of the files we download from each source, we fingerprint all contents of each file. Some examples are matching on .dll files for C# and .class files contained in a .jar file when we release java support.

Last updated 3 days ago