From 35f1165f951b72cea3e9f58c19425e7b30f47dc7 Mon Sep 17 00:00:00 2001 From: Gautam Bhat <gautam@semgrep.com> Date: Tue, 21 Jan 2025 11:04:07 -0500 Subject: [PATCH] Add info on dependency paths poetry support (#1914) --- docs/semgrep-supply-chain/dependency-search.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/semgrep-supply-chain/dependency-search.md b/docs/semgrep-supply-chain/dependency-search.md index a7bc4a4de..870af12d3 100644 --- a/docs/semgrep-supply-chain/dependency-search.md +++ b/docs/semgrep-supply-chain/dependency-search.md @@ -85,7 +85,7 @@ Dependency paths allow you to view dependency paths for all transitive dependenc ### Supported languages -Semgrep generates dependency paths for select Java and JavaScript projects. +Semgrep generates dependency paths for select Java, JavaScript, and Python projects. #### Java @@ -101,6 +101,10 @@ semgrep ci --allow-local-builds Semgrep generates dependency paths for JavaScript projects that utilize `pnpm` and include a `pnpm-lock.yaml` file whenever you invoke a scan using `semgrep ci`. +#### Python + +Semgrep generates dependency paths for Python projects that utilize `poetry` and include a `poetry.lock` file whenever you invoke a scan using `semgrep ci`. + ### View the dependency graph Once the scan completes, view the dependency graph in Semgrep AppSec Platform on: