Scala - SBT
This page provides a detailed overview of the file formats and features that Scala supports.
Last updated
Was this helpful?
This page provides a detailed overview of the file formats and features that Scala supports.
Last updated
Was this helpful?
OpenText Core SCA now supports tracking Scala dependencies through the following methods:
SBT, by utilizing pom.xml files
, to find dependencies not specified in manifest files
OpenText Core SCA does not directly support scanning build.sbt files. However, SBT provides commands to generate a corresponding pom.xml file. This pom.xml file can be used to create a lock file, which allows OpenText Core SCA to analyze the complete list of direct and indirect dependencies along with their relationships.
You can do this using the High-Performance Scans technology available in . By running the resolve command, the CLI will automatically detect any build.sbt files and use them to generate the needed maven dependency files. This is also run by default within the scan command.
You can manually create the recommended file(s) by running the following commands and saving the output into a maven.debricked.lock file.
OpenText Core SCA offers the capability to scan for Scala dependencies that are not specified in manifest files through file fingerprinting. The OpenText Core SCA database includes the hashes of .jar and .war files, along with their unpacked contents, for all packages in the largest Maven repository. This information is used to compare with the contents of your application, ensuring the most accurate matches possible.
For more information on file fingerprinting and how to set it up, see .
SBT
build.sbt
No
Yes