Generating 3rd Party Dependency Report

hannahestes · March 27, 2023, 7:27pm

I have a specific request for a software bill of materials (SBOM) for my Unity application. I have tried some automatic scanning tools, but they don’t seem to catch anything from the built in package manager.

Does anybody else have experience preparing a report like this for a Unity application? Are there any tools available for this kind of reporting?

Would love to hear any thoughts or ideas!

chemicalcrux · March 27, 2023, 8:06pm

You could probably parse packages-lock.json to get most of the way there. Anything that you’ve directly imported into Assets/ won’t get picked up by that, though, from what I can tell.

Topic		Replies	Views
Software Bill of Materials (SBOM) News & General Discussion Feedback	5	1261	October 24, 2023
Generate .unitypackage Unity Engine	2	1445	March 19, 2010
Asset bundle content report? (breaksdown of assets with file sizes) Unity Engine	1	1164	October 20, 2010
[Released] Reports4Unity Community Showcases Asset-Store-Assets	1	1006	December 9, 2014
Any robust package & dependency management systems for Unity? Unity Engine Scripting	12	6689	July 13, 2017

Generating 3rd Party Dependency Report

Related topics