Supported Ecosystems & Tools
fossabot's support for language ecosystems varies based on our automated testing and availability of ground truth/evaluation dataset coverage.
| Ecosystem Name | Dependency Review | Dependency PR Creation | SAST Review |
|---|---|---|---|
| Javascript/Typescript | Strong/Well-supported | Strong/Well-supported | Strong/Well-supported |
| Java (Kotlin) | Strong/Well-supported | Strong/Well-supported | Strong/Well-supported |
| Python | Beta quality | Not supported | Strong/Well-supported |
| Go (Golang) | Beta quality | Not supported | Strong/Well-supported |
| Ruby | Beta quality | Not supported | Strong/Well-supported |
| Rust | Beta quality | Not supported | Strong/Well-supported |
| Clojure | Alpha quality | Not supported | Strong/Well-supported |
| Dart | Alpha quality | Not supported | Not supported |
| Elixir | Alpha quality | Not supported | Strong/Well-supported |
| Erlang | Alpha quality | Not supported | Not supported |
| Fortran | Alpha quality | Not supported | Not supported |
| Haskell | Alpha quality | Not supported | Not supported |
| iOS (Objective-C, Swift) | Alpha quality | Not supported | Strong/Well-supported |
| .NET (C#, F# VB) | Alpha quality | Not supported | Strong/Well-supported |
| PHP | Alpha quality | Not supported | Strong/Well-supported |
| Perl | Alpha quality | Not supported | Not supported |
Configuring a Private Registry/Code Mirror
fossabot installs your application's full dependency tree and requires access to all dependencies, both public and private.
NPM-style Code Mirrors
Credentials to an "npm-style" code mirror can be configured in Organization Settings. Common examples of this are Artifactory, GitHub Package Registry, and NPM's native private packages.
Maven Code Mirrors
Credentials to a Maven-style code mirror can be configured in Organization Settings. Common examples of this are Artifactory, Sonatype Nexus, and GitHub Packages for Maven.
Updated 8 days ago