Search Unity

  1. We are migrating the Unity Forums to Unity Discussions. On July 12, the Unity Forums will become read-only.

    Please, do not make any changes to your username or email addresses at id.unity.com during this transition time.

    It's still possible to reply to existing private message conversations during the migration, but any new replies you post will be missing after the main migration is complete. We'll do our best to migrate these messages in a follow-up step.

    On July 15, Unity Discussions will become read-only until July 18, when the new design and the migrated forum contents will go live.


    Read our full announcement for more information and let us know if you have any questions.

Discussion Generating 3rd Party Dependency Report

Discussion in 'Editor & General Support' started by hannahestes, Mar 27, 2023.

  1. hannahestes

    hannahestes

    Joined:
    Jun 6, 2018
    Posts:
    1
    I have a specific request for a software bill of materials (SBOM) for my Unity application. I have tried some automatic scanning tools, but they don't seem to catch anything from the built in package manager.

    Does anybody else have experience preparing a report like this for a Unity application? Are there any tools available for this kind of reporting?

    Would love to hear any thoughts or ideas!
     
  2. chemicalcrux

    chemicalcrux

    Joined:
    Mar 16, 2017
    Posts:
    726
    You could probably parse packages-lock.json to get most of the way there. Anything that you've directly imported into Assets/ won't get picked up by that, though, from what I can tell.