Uploading dependency files manually
This article covers why and how you can upload dependency files manually through the Tidelift API.
While the Tidelift Subscription is most useful when fully integrated into your workflow, you can also manually upload dependency files manually. Uploading these files manually allows you to:
- More quickly evaluate the Tidelift Subscription
- Initiate one-off scans of repositories that are not being automatically tracked
When uploading dependency files manually, you will need:
You can typically fetch these files from the root directory of your repository. See full list of supported files here.
How to manually upload a dependency file
You can upload manifest files manually at any time – even if you already have scans configured through the API.
- From the Subscriber Dashboard navigation, select Repositories
- Select the Repository you wish to upload files for
- Select Upload Updated Manifests
- You can upload the manifest and an optional lockfile.
Your scan will begin immediately and, when complete, you can see results within the Subscriber Dashboard.
Note: If you are already using Tidelift with our GitHub application installed, these options will not be immediately available to you. Reach out to firstname.lastname@example.org and we can help.