# Scala ## Applicability and integration {% hint style="info" %} Scala is supported for Snyk Code and Snyk Open Source. {% endhint %} Available integrations: * SCM import * CLI and IDE: test or monitor your app ## Technical specifications Snyk supports the following Scala versions: 2.x ### Supported frameworks and libraries For Scala, the following frameworks and libraries are supported: * Akka * HTTP4S * io.cequence.openaiscala * Play Framework * Scala standard library * Slick Framework * Tapir Framework * All [Java frameworks and libraries](https://docs.snyk.io/supported-languages/java-and-kotlin#supported-frameworks-and-libraries) ### Supported package managers and registries * Supported package managers: [sbt](https://www.scala-sbt.org/) * Supported package registries: [maven.org](https://maven.org/) ## Scala for Snyk Code For Scala with Snyk Code, the following file format is supported: `.scala` Available features: * Reports * Interfile analysis {% hint style="info" %} The **Snyk Fix PR** feature is not available for Swift and Objective-C. This means that you will not be notified if the PR checks fail when the following conditions are met: * The **PR checks** feature is enabled and configured to **Only fail when the issues found have a fix available.** * "**Fixed in" available** is set to **Yes.** {% endhint %} ## Scala for Snyk Open Source For Scala with Snyk Open Source, the following file format is supported: `build.sbt` Available features: * License scanning * Reports * Test your app's SBOM and packages using `pkg:maven` PURLs through the [SBOM test](https://docs.snyk.io/developer-tools/snyk-cli/commands/sbom-test) CLI command For sbt, Snyk provides: CLI support, SCM support, and license scanning. ### CLI support for Scala The [Snyk CLI](https://docs.snyk.io/developer-tools/snyk-cli) uses the [`sbt-dependency-graph`](https://github.com/sbt/sbt-dependency-graph) plugin, which has been [included](https://www.scala-sbt.org/1.x/docs/Combined+Pages.html#sbt-dependency-graph+is+in-sourced) in `sbt` as a built-in plugin since `sbt` 1.4. However, the recommended method of calling the plugin in sbt 1.4+ is not compatible with Snyk. Use the legacy method, `addSbtPlugin()` instead. Snyk recommends installing the `sbt-dependency-graph` as a [global plugin](https://www.scala-sbt.org/1.x/docs/Using-Plugins.html#Global+plugins) so you can use it in any `sbt` project. To do this, add the plugin dependency to `~/.sbt/0.13/plugins/plugins.sbt` for `sbt` 0.13 or `~/.sbt/1.0/plugins/plugins.sbt` for `sbt` 1.0+. To add the plugin to a single Project only, update the `project/plugins.sbt` of your Project instead. Regardless of which `sbt` version you are using, you must use the following command in the relevant `plugins.sbt` file: `addSbtPlugin("net.virtual-void" % "sbt-dependency-graph" % "0.10.0-RC1")` {% hint style="warning" %} Do not use the `addDependencyTreePlugin` command which the `sbt-dependency-graph` plugin docs recommend for `sbt` 1.4+. This is incompatible with the Snyk CLI. Use the `addSbtPlugin()` command as given above. {% endhint %} For more information on installing `sbt-dependency-graph` for use with the Snyk CLI, see [How to install the SBT dependency graph plugin to test Scala projects with Snyk CLI](https://support.snyk.io/s/article/How-to-install-the-SBT-dependency-graph-plugin-to-test-Scala-projects-with-Snyk-CLI). ### SCM integration support for Scala You can import Scala `sbt` Projects from any of the supported Git repositories. For more information, see [Organization-level integrations](https://docs.snyk.io/developer-tools/scm-integrations/organization-level-integrations). To test your Scala Projects using `sbt` as a package manager, Snyk analyzes your `build.sbt` file.\ To ensure that this works properly, you must have this file in your repository before importing your Projects. You cannot declare versions of dependencies in a file that is not accessible to Snyk using a Source Code Manager (SCM) integration, for example, `Dependencies.scala`. To ensure that your Scala dependencies are detected when you import your Projects using an SCM integration, your `build.sbt` dependencies must be declared in a format that Snyk can detect, for example:\ `"commons-io" % "commons-io" % "2.11.0"`. You can use a version declared in a variable if the variable is in the `build.sbt` file, for example: ```scala lazy val derbyVersion = "10.4.1.3" libraryDependencies ++= Seq( "org.apache.derby" % "derby" % derbyVersion ) ``` For more information, see [Differences in Open Source vulnerability counts across environments](https://docs.snyk.io/scan-with-snyk/snyk-open-source/manage-vulnerabilities/differences-in-open-source-vulnerability-counts-across-environments). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.snyk.io/supported-languages/supported-languages-list/scala.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.