Create a SBOM from a SWIFT application and upload it on Dependency Trak But not vulnerability find
#4667
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello,
Apologies if my question seems basic, but I’m new to Dependency-Track.
I have already uploaded several SBOMs from .NET projects, and everything is working perfectly. Now, I want to monitor the dependencies used in our mobile applications, starting with iOS.
We are still using CocoaPods as our package manager, so I used cyclonedx-cocoapods to generate an SBOM, which I then uploaded to Dependency-Track. The packages appear correctly in the interface, but no vulnerabilities or outdated packages are detected, which is unusual.
I see two possibilities: either we are exceptionally good at keeping our iOS dependencies up to date, or Dependency-Track does not properly analyze SBOMs for iOS (or maybe it is not supported).
Do you have any insights or recommendations on this topic?
Thanks in advance for your help.
Beta Was this translation helpful? Give feedback.
All reactions