Ecosystem Support
Languages ecosystems, programming languages, package managers, and features that Socket supports
Ecosystem Maturity Levels
Socket language ecosystems are classified into three maturity levels:
- Generally Available (GA)
- Beta
- Experimental
The differences are as follows:
| Feature | GA | Beta | Experimental |
|---|---|---|---|
| Availability | Available for all Socket users. | Available for all Socket users. | Team or Enterprise plan users can contact us to get access. |
| Alert Types | Supports 25+ alert types (including Supply Chain Risk, CVE, Quality, Maintenance, and License types). | Supports 20+ alert types (including Supply Chain Risk, CVE, Quality, Maintenance, and License types). | Supports 15+ alert types (including Supply Chain Risk, CVE, Quality, Maintenance, and License types). |
| Support | Premium support from the Socket team. Any reported issues are resolved promptly. | Support from the Socket team. Any reported issues are resolved promptly, but after GA ecosystems. | Reported issues are tracked and prioritized with best effort. |
Ecosystem Support
| Language | Package manager | Maturity level | Next-gen SCA | Socket scores |
|---|---|---|---|---|
| JavaScript and TypeScript | npm, yarn, and pnpm | GA | ✅ Supported | ✅ |
| Python | pip, Poetry | GA | ✅ Supported | ✅ |
| Go | Go Modules | Experimental | ✅ Supported | ✅ |
| Java | Maven | GA | ✅ Supported | ✅ |
| Ruby | Bundler | Beta | ✅ Supported | ✅ |
| .NET (C#, F#, Visual Basic) | Nuget, Paket | 🚧 In Progress (Q4) | 🚧 | |
| Rust | cargo | 🚧 In Progress (Q4) | 🚧 | |
| Swift and Objective-C | CocoaPods, Swift Package Manager | ⏳ Planned (Q1) | ||
| Scala | sbt | ⏳ Planned (Q1) | ||
| Elixir and Erlang | hex | ⏳ Planned (Q1) | ||
| PHP | Composer | ⏳ Planned (Q1) | ||
| C and C++ | Conan, vcpkg, Hunter | ⏳ Planned (Q2) |
Vote for the languages you want us to support next!
At Socket, we're committed to expanding our ecosystem support to support diverse programming languages and package managers. We're driven by the needs of our users so if there's a language you'd like us to support, we encourage you to vote for it. Your votes directly influence our prioritization. If you're considering becoming an enterprise customer, we'd love to hear from you – we can prioritize language support based on your needs. Please reach out to us to discuss your specific requirements.
JavaScript and TypeScript
Socket officially supports npm, yarn, and pnpm.
npm
Socket fully supports npm versions 6, 7, 8, and 9.
| Feature | Support Level | Notes |
|---|---|---|
npm lockfile (package-lock.json) | ✅ Supported | Socket supports lockfile versions 1, 2, and 3 |
| npm workspaces | ✅ Supported | |
| Package overrides | ✅ Supported | |
file: dependencies | ✅ Supported | |
| shrinkwrap dependencies | ✅ Supported | |
| bundled dependencies | ✅ Supported |
Yarn
Socket fully supports Yarn versions versions 1, 2, and 3.
| Feature | Support Level | Notes |
|---|---|---|
Yarn lockfile (yarn.lock) | ✅ Supported | |
| Yarn workspaces | ✅ Supported | |
| Selective dependency resolutions (Package overrides) | ✅ Supported | |
file: dependencies | ✅ Supported | |
| shrinkwrap dependencies | ✅ Supported | |
| bundled dependencies | ✅ Supported | |
| Yarn protocols | 🚧 Partial support | |
| Yarn plugins and Plug'n'Play | ⏳ Planned |
pnpm
Socket fully supports pnpm versions versions 5, 6, and 7.
| Feature | Support Level | Notes |
|---|---|---|
pnpm lockfile (pnpm-lock.yaml) | ✅ Supported | |
| pnpm workspaces | ✅ Supported | |
| Package overrides/resolutions (Package overrides) | ✅ Supported | |
file: dependencies | ✅ Supported | |
| shrinkwrap dependencies | ✅ Supported | |
| bundled dependencies | ✅ Supported | |
| pnpm protocols | 🚧 Partial support | |
| pnpm patch | ⏳ Planned |
Python
Socket officially supports Pip and Poetry.
Pip
| Feature | Support Level | Notes |
|---|---|---|
| Pipfile | ✅ Supported | |
| pip extras | 🚧 In progress (Q3) |
Poetry
| Feature | Support Level | Notes |
|---|---|---|
pyproject.toml#tool.poetry | ✅ Supported |
Go
Socket officially supports Go. Contact us to get access.
| Package Management | Support Level | Notes |
|---|---|---|
| Go Modules | ✅ Supported |
Java
Socket officially supports Java.
| Package Management | Support Level | Notes |
|---|---|---|
pom.xml | ✅ Supported | |
| Super POM | ✅ Supported | |
| Maven support | ✅ Supported | Maven Central |
| Gradle support | ✅ Supported | Gradle is fully supported. Use the open source CycloneDX Gradle plugin to generate an SBOM which Socket will scan. Your Technical Account Manager can help you with this simple process. |
Ruby
Socket supports Ruby (in Experimental maturity). Contact us to get access.
| Package Management | Support Level | Notes |
|---|---|---|
Gemfile.lock | ✅ Supported | Rubygems |
Gemfile / *.gemspec | ✅ Supported | Bundler is fully supported. Use the open source CycloneDX Ruby gem plugin to generate an SBOM which Socket will scan. Your Technical Account Manager can help you with this simple process. |
.NET (C#, F#, Visual Basic)
.NET (C#, F#, Visual Basic) is in development. Contact us to get access.
Rust
Rust is in development. Contact us to get access.
Something missing?
Please add a feature request and we will do our best to make your wish come true!
Updated 7 days ago