SOOS Issues
SOOS Issue Types

Unknown Package Issues

3min

What are they?

When a SOOS SCA, SBOM, or Container scan is unable to locate information for a package, this is reported as an "Unknown Package" issue in your Issues list.

Unknown Package issue details include the name and version of the package, and the manifest or location where it was identified.

Document image


What does this mean?

Typically this occurs because either:

  • This package version either no longer exists, is not referenced, or never existed.
  • This package is internal to your organization.
  • We haven't learned about this package or package version yet, but we are trying to gather more information for future scans.

SOOS cannot provide an assessment of the presence (or absence) of vulnerabilities and/or license information for unknown packages.

What can I do about it?

When an unknown package is reported for a scan SOOS will continue to attempt to locate the package. If/when the package is found the details will update in your project on the next scan.

If the package is unknown because it is an internal package, create a Package Mask Configurations.

Updated 25 Feb 2025
Doc contributor
Did this page help you?
PREVIOUS
Violation Issues
NEXT
Code (SAST) Issues
Docs powered by Archbee