---
title: "Supply Chain Management Software Dependencies"
description: "Ketryx FAQ articles about Supply Chain Management Software Dependencies."
category: "Frequently Asked Questions"
last_reviewed: 2026-06-11
---

# Supply Chain Management Software Dependencies

Frequently asked questions about Supply Chain Management Software Dependencies in Ketryx.

## Articles

- [SBOM Transitive Dependencies](../articles/sbom-transitive-dependencies.md)
- [Can I use an external vulnerability scanner and report those results to Ketryx?](../articles/can-i-use-an-external-vulnerability-scanner-and-report-those-results-to-ketryx.md)
- [How can I clear my SBOM that I uploaded via the Build API?](../articles/how-can-i-clear-my-sbom-that-i-uploaded-via-the-build-api.md)
- [How can I update my SBOM that I already uploaded through the Ketryx Build API?](../articles/how-can-i-update-my-sbom-that-i-already-uploaded-through-the-ketryx-build-api.md)
- [How can I set up post-market vulnerability notifications for a specific release?](../articles/how-can-i-set-up-post-market-vulnerability-notifications-for-a-specific-release.md)
- [Can I use Ketryx to document threat models in my system?](../articles/can-i-use-ketryx-to-document-threat-models-in-my-system.md)
- [Does Ketryx support C# dependency scanning?](../articles/does-ketryx-support-c-dependency-scanning.md)
- [Why are there differences between the vulnerabilities shown in the SBOM module and on the Vulnerability page?](../articles/why-are-there-differences-between-the-vulnerabilities-shown-in-the-sbom-module.md)
- [Why are there fewer dependencies in the Ketryx SBOM module than parsed and shown on the build page?](../articles/why-are-there-fewer-dependencies-in-the-ketryx-sbom-module-than-parsed-and.md)
- [Do open source SBOM generation tools introduce risk?](../articles/do-open-source-sbom-generation-tools-introduce-risk.md)
- [I submitted a spdx file via the Build API. Why aren't any or all dependencies loading in Ketryx?](../articles/i-submitted-a-spdx-file-via-the-build-api-why-aren-t-any-or-all-dependencies.md)
- [Can Ketryx scan for dependencies outside of the built-in dependency scanner languages?](../articles/can-ketryx-scan-for-dependencies-outside-of-the-built-in-dependency-scanner.md)
- [What languages does Ketryx built-in dependency scanning support?](../articles/what-languages-does-ketryx-built-in-dependency-scanning-support.md)
- [How frequently does Ketryx scan the repository?](../articles/how-frequently-does-ketryx-scan-the-repository.md)
- [How is our connected source code repository processed by Ketryx?](../articles/how-is-our-connected-source-code-repository-processed-by-ketryx.md)
- [How can I use "Release ref pattern" for connected repositories in the Ketryx project settings?](../articles/how-can-i-use-release-ref-pattern-for-connected-repositories-in-the-ketryx.md)
- [How can I use "Analyzed branch or tag" for connected repositories in the Ketryx project settings?](../articles/how-can-i-use-analyzed-branch-or-tag-for-connected-repositories-in-the-ketryx.md)
- [Can I restrict which files from my repository are considered when Ketryx scans for dependencies?](../articles/can-i-restrict-which-files-from-my-repository-are-considered-when-ketryx-scans.md)
- [What is the difference between the release vulnerability report and the "on-demand" vulnerability report data grid option on the Vulnerabilities page?](../articles/what-is-the-difference-between-the-release-vulnerability-report-and-the-on.md)
- [Can I use Ketryx for C# dependencies management if I have Snyk or FOSSA?](../articles/can-i-use-ketryx-for-c-dependencies-management-if-i-have-snyk-or-fossa.md)
- [How do I have each component of my medical device upload an SBOM independently? When using the GitHub action to upload an SBOM, why does a specific version override the content of what I had previously uploaded?](../articles/how-do-i-have-each-component-of-my-medical-device-upload-an-sbom-independently.md)
- [If we utilize different scanners, does Ketryx take this into account so we know what we have mitigated and what we haven't?](../articles/if-we-utilize-different-scanners-does-ketryx-take-this-into-account-so-we-know.md)
- [Does Ketryx integrate with multiple vulnerability scanners beyond what is native in Ketryx?](../articles/does-ketryx-integrate-with-multiple-vulnerability-scanners-beyond-what-is.md)
- [How does Ketryx manage vulnerabilities as opposed to product and patient related risks?](../articles/how-does-ketryx-manage-vulnerabilities-as-opposed-to-product-and-patient.md)
- [How do I enable transitive dependencies for my SBOM?](../articles/how-do-i-enable-transitive-dependencies-for-my-sbom.md)
- [Why don't cybersecurity risk management fields copy over across all projects that share a repository in the SBoM module? Do I have to copy over information from the other project or is there an easy way to move this data?](../articles/why-don-t-cybersecurity-risk-management-fields-copy-over-across-all-projects.md)
- [Does Ketryx offer integration with Git but not with GitHub for managing requirements, specifications, and test cases? Should these be written as markdown files instead of GitHub issues?](../articles/does-ketryx-offer-integration-with-git-but-not-with-github-for-managing.md)
- [What package managers does Ketryx support and and how does Ketryx utilize these package managers for its operations?](../articles/what-package-managers-does-ketryx-support-and-and-how-does-ketryx-utilize-these.md)
- [What are "used dependencies"?](../articles/what-are-used-dependencies.md)
- [How can I add a private repository?](../articles/how-can-i-add-a-private-repository.md)
- [How can I use the SOUP dependency analysis feature?](../articles/how-can-i-use-the-soup-dependency-analysis-feature.md)
