Securing Open Source Code

Spectral can scan for open source vulnerabilities in your repositories. Run:

spectral scan --engines oss

These programming languages and package managers are supported:

  • C, C++ (conan)

  • Dart (pubs)

  • Dotnet (deps.json)

  • Objective-C (cocoapods)

  • Elixir (mix)

  • Erlang (rebar3)

  • Go (go.mod, Go binaries)

  • Haskell (cabal, stack)

  • Java (jar, ear, war, par, sar, nar, native-image)

  • JavaScript (npm, yarn)

  • Jenkins Plugins (jpi, hpi)

  • Nix (outputs in /nix/store)

  • PHP (composer)

  • Python (wheel, egg, poetry, requirements.txt)

  • Ruby (gem)

  • Rust (cargo.lock)

  • Swift (cocoapods)