# Dependency Scanning for Bazel With Bazel, you can import dependencies from a variety of sources, such as Maven repositories, Git repositories, or internal artifact registries. This is typically achieved using dependency rules like `http_jar`, `maven_install` . Aikido supports scanning the targets you define within Bazel for security vulnerabilities. A build is not required, which speeds up the analysis process. There are a limited amount of Bazel rules we currently support, but we're extending support along the way. Contact our team in case you want to suggest new Bazel rules to support. #### Supported Bazel rules Currently, we scan for dependencies imported via the following Bazel rules:

Bazel Rule	Note	Version
`java_library`	Analyzes the dependency-related attributes to identify dependencies brought in via the following dependency rules: `maven_install`	Bazel >= 5
`rules_jvm_external`	Parses the lock file referenced in the `lock_file` attribute of `maven.install(...)` definitions. View details here.	Bazel >= 5

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://help.aikido.dev/code-scanning/scanning-practices/dependency-scanning-for-bazel.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.