socket manifest

Some languages are harder to process than others. While we can process the manifest files (like package.json for npm) on our servers, some languages make this almost impossible without full access to the source code.

In order to work around this socket manifest attempts to offer a way for you to generate the manifest files so you can generate a Scan for them and get a report back from your CI/CD pipeline.

At the time of writing, there are two ecosystems supported this way: Scala's sbt and Gradle.

Gradle support implies support for Scala / Kotlin / Maven projects using Gradle.

These commands leverage your local environment to generate the necessary manifest files, which you can then upload to get scanned by calling socket scan create on the output directory.

You can see detailed help per language by calling help, for example: socket manifest gradle --help

We are still improving use of this command. Please let us know if you run into issues and we'll try to get them resolved as soon as possible.

socket manifest --help

  Generate a dependency manifest for given file or dir

  Usage
    $ socket manifest <command>

  Commands
    auto              Auto-detect build and attempt to generate manifest file
    gradle            [beta] Use Gradle to generate a manifest file (`pom.xml`) for a Gradle/Java/Kotlin/etc project
    kotlin            [beta] Use Gradle to generate a manifest file (`pom.xml`) for a Kotlin project
    scala             [beta] Generate a manifest file (`pom.xml`) from Scala's `build.sbt` file

  Options
    --help            Print this help

  Examples
    $ socket manifest --help