Debricked currently supports tracking C# dependencies via:
-
NuGet, using .csproj, packages.lock.json and packages.config files
-
Paket, using paket.lock file
Older NuGet projects typically contain a packages.config file and no further action from you is required. If you have a more modern NuGet project we recommend using the packages.lock.json instead. This file is not generated by default - instead, you first have to enable repeatable package restores and then commit the generated file.
We also support the use of .csproj files, but the packages.lock.json file is still preferred, as it provides the most accurate tracking of dependency versions.
If at least one of the supported files is committed to your repository, it will be automatically scanned for dependencies when you have done any of our integrations to your CI/CD pipeline.
Supported file formats and features:
| Language | Package Manager | Supported File Formats | Root dependencies | Indirect dependencies | Dependency trees | Security Scanning | License Scanning | Root Fix |
| C# | NuGet | .csproj | ✓ | ✓ | ✓ | ✓ | ✓ | |
| package.lock.json | ✓ | ✓ | ✓ | ✓ | ✓ | |||
| packages.config | ✓ | ✓ | ✓ | |||||
| Paket | paket.lock | ✓ | ✓ | ✓ | ✓ |
Have a look at the overview of all supported languages.