Java (Maven) Support
in progress
Joévin SOULENQ
Hello,
We are also interested for the Maven support (even if Ruby is our top priority).
I just wanted to mention that this package manager is quite tricky when it comes to the SBOM construction.
As you can see here: https://github.com/orgs/community/discussions/15396
Here : https://github.com/github/roadmap/issues/467
And here : https://github.com/marketplace/actions/maven-dependency-tree-dependency-submission
Github can't resolve it properly Maven dependencies, version numbers of sub-dependencies are very often missing because there is no equivalent of "Gemfile.lock" or "package.lock" files for Maven. So unfortunately I think socket.dev CLI will have to be able to run mvn help:effective-pom to produce the dependency list, or at least require it as an input file rather than only the pom.xml file.
I hope I've helped you,
bye!
Feross Aboukhadijeh (Socket)
in progress
We've started on Java (Maven) support in Socket.
Jan Fooken
Feross Aboukhadijeh (Socket): will you add gradle as well?
Feross Aboukhadijeh (Socket)
Jan Fooken: Yes, we plan to support Gradle as well.
Feross Aboukhadijeh (Socket)
planned
We're planning to support Java. If you're interested in trying out our Java support early, please contact us at https://socket.dev/demo