Information on currently supported languages and manifests
Lockfiles vs non-lockfile manifests
How can I give SOOS direct access to scan my projects?
I have integrated GitHub but my manifests are not detected.
Look for issues beyond production code
I want to be able to send issue fix recommendations to my ticketing system for my team to address.
What do I do if SOOS identified a vulnerability but does not have any recommended fixes?
Halt your project's build as soon as a vulnerability or violation is identified.
Suggested for use with CI/CD and Script integrations
SOOS is returning manifest errors
What are Vulnerability issue types?
What are Violation issue types?
What are Dependency Typos?
What are Dependency Substitutions?
What are Web Vulnerability issue types?
SOOS identified a vulnerability that is tagged as **DISPUTED**.
What needs to be done to resolve pending issues?
Choosing to address issues at a later time
We attested a number of vulnerabilities, where do we access them to re-assess?
How can I remove the issue alert from my dashboard?
How do I remove a policy violation from my project?
We need to avoid using specific package IDs and/or package versions in our product.
What is a Package Mask and why do I need one?
My company wants to restrict the use of packages that do not meet our quality standards.
Make sure your selected open source licenses don't limit how you use your software.
We need to make sure we don't include a specific license type in our project.
We use more than one language, can they be scanned together?
Keeping your intellectual property confidential and free of vulnerabilities.
Details on how often SOOS is providing new vulnerability data.
Does SOOS keep up with vulnerability current events?
How current are my scans?
Use Service Accounts for integration purposes.
What to do if you come across a bug in SOOS
I wish to continue using SOOS, but my payment wasn't submitted on time.
I am trying to log into my account but can't find my authentication code.
Are there certain browsers that SOOS is optimized to work with?
How can I access SOOS?
How does SOOS handle private packages in scans?
Add to your subscription at any time
How many seats do you need to purchase?
A look at the different scans SOOS performs and when they are used.
Are your vulnerabilities likely to be exploited?
Currently available only for GitHub Actions
The following changes should be considered when converting to SOOS TypeScript integrations
What are Unknown Packages issues?
What are Code Issues?
What are they and what's the difference?
Why are all Unity packages listed as 'unknown/non-SPDX' license type?
Search for Packages and Vulnerabilities across all projects in your organization