Scan your dependencies

Scanning JavaScript projects

  • npm package manager using package-lock.json

Scanning Python projects

  • pip package manager using poetry.lock as manifest file

By default, the manifest is read from the root of the repository, or {{ github.workspace }} You can also add custom paths using the workdir: option in the GitHub actions workflow step, or by using the .lstn.yml config file.

Last updated

© 2024 Garnet Labs