Languages supported
FlyingDuck supports scanning for SBOM, SCA, SAST and Secrets scanning across multiple programming languages.
| Language | Package Manager | Lockfile | SBOM | SCA | Secrets | SAST |
|---|---|---|---|---|---|---|
| Python | pypi | requirements.txt | ||||
| pipenv | pipfile.lock | |||||
| poetry | poetry.lock | |||||
| Javascript Typescript | npm | package-lock.json | ||||
| Yarn | yarn.lock | |||||
| pnpm | pnpm-lock.yaml | |||||
| Java Kotlin | Gradle | gradle.lockfile | ||||
| Maven | pom.xml | |||||
| PHP | Composer | composer.lock | ||||
| C# | NuGet | .csproj | ||||
| Ruby | Bundler | Gemfile.lock | ||||
| Rust | Cargo | cargo.lock | ||||
| Go | go mod | go.mod |
Currently, you can conduct Static Application Security Testing (SAST) and Secrets scanning for Ruby, Rust, and Go. Support for Software Bill of Materials (SBOM) and Software Composition Analysis (SCA) will be available soon.