FAQ
Scanning Development Dependencies
1min
By default SOOS does not scan Dev/Test Dependencies for CI/CD integrated scans, however this setting may be enabled under Dependency Configurations.
Dependencies matching the following descriptions will be considered dev dependencies and will be ignored unless Include Dev/Test Dependencies is enabled.
- Dependencies in manifests (all languages) marked as optional.
- Specific to Java projects:
- Dependencies marked with a <scope>test</scope> tag or <scope>import</scope> tag
- Dependencies listed under a <plugin> section
- Dependencies listed under a <profile> section marked with <id>test</id>, <id>debug</id>, <id>demo</id>, or <id>build</id>
All scans performed on uploaded manifests via the File QuickScan feature will include Dev/Test Dependencies by default.
Updated 25 Feb 2025
Did this page help you?