Dependency Scanning for Bazel
With Bazel, you can import dependencies from a variety of sources, such as Maven repositories, Git repositories, or internal artifact registries. This is typically achieved using dependency rules like http_jar, maven_install.
Aikido supports scanning the targets you define within Bazel for security vulnerabilities. A build is not required, which speeds up the analysis process.
We currently support a limited number of Bazel rules, and we are extending support over time. Contact our team if you want to suggest new Bazel rules to support.
Supported Bazel rules
Currently, we scan for dependencies imported via the following Bazel rules:
java_library
Analyzes the dependency-related attributes to identify dependencies brought in via the following dependency rules:
maven_install
Bazel >= 5
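The sketch below is an added example, not Aikido's scanner and not code from this page. It shows how java_library dependency attributes can be resolved to maven_install coordinates by parsing the files statically, with no build. The WORKSPACE and BUILD contents are constructed samples, the function names are hypothetical, and the label mapping assumes the rules_jvm_external naming convention (@maven//:group_artifact, with "." and "-" replaced by "_").

```python
import ast
import re
# Constructed sample files for illustration only.
WORKSPACE = '''
maven_install(
    artifacts = [
        "com.google.guava:guava:31.1-jre",
        "org.apache.logging.log4j:log4j-core:2.14.1",
        "junit:junit:4.13.2",
    ],
)
'''
BUILD = '''
java_library(
    name = "server",
    srcs = glob(["src/main/java/**/*.java"]),
    deps = ["@maven//:com_google_guava_guava", "//common:util"],
    runtime_deps = ["@maven//:org_apache_logging_log4j_log4j_core"],
)
'''
DEP_ATTRS = ("deps", "exports", "runtime_deps")  # dependency-related attributes

def rule_calls(source, rule):
    """Yield {attribute: literal value} for each top-level call to `rule`."""
    for node in ast.parse(source).body:  # this Starlark subset parses as Python
        call = getattr(node, "value", None)
        if isinstance(call, ast.Call) and getattr(call.func, "id", None) == rule:
            attrs = {}
            for kw in call.keywords:
                try:
                    attrs[kw.arg] = ast.literal_eval(kw.value)
                except (ValueError, TypeError):
                    pass  # non-literal value such as glob(...): ignored here
            yield attrs

def maven_label(coord, repo="maven"):
    """Assumed rules_jvm_external convention: @repo//:group_artifact."""
    group, artifact = coord.split(":")[:2]
    return "@%s//:%s" % (repo, re.sub(r"[.\-]", "_", group + "_" + artifact))

def resolve(workspace, build):
    """Map each java_library target to the Maven coordinates it references."""
    by_label = {maven_label(c, m.get("name", "maven")): c
                for m in rule_calls(workspace, "maven_install")
                for c in m.get("artifacts", [])}
    return {t["name"]: [by_label[l] for a in DEP_ATTRS for l in t.get(a, [])
                        if l in by_label]
            for t in rule_calls(build, "java_library")}

print(resolve(WORKSPACE, BUILD))
```

Only artifacts written as plain coordinate strings are resolved here. Internal labels such as //common:util and artifacts that no target references (junit in the sample) do not appear in the output.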