C/C++
Trivy supports Conan C/C++ Package Manager.
The following scanners are supported.
Package manager | SBOM | Vulnerability | License |
---|---|---|---|
Conan | ✓ | ✓ | ✓1 |
The following table provides an outline of the features Trivy offers.
Package manager | File | Transitive dependencies | Dev dependencies | Dependency graph | Position |
---|---|---|---|---|---|
Conan | conan.lock2 | ✓ | Excluded | ✓ | ✓ |
Conan
In order to detect dependencies, Trivy searches for conan.lock
1.
Licenses
The Conan lock file doesn't contain any license information.
To obtain licenses we parse the conanfile.py
files from the conan cache directory.
To correctly detection licenses, ensure that the cache directory contains all dependencies used.
-
The local cache should contain the dependencies used. See licenses. ↩↩
-
conan.lock
is default name. To scan a custom filename use file-patterns. ↩