Expand or collapse sidebar Expand or collapse sidebar
Version
  • GraalVM for JDK 23 (Latest)
  • GraalVM for JDK 24 (Early Access)
  • GraalVM for JDK 21
  • GraalVM for JDK 17
  • Archives
  • Dev Build

Native Image Inspect Tool

«««< HEAD Native Image provides the Inspect Tool to list all methods included in a native executable or a native shared library. ======= The Native Image Inspect Tool extracts embedded Software Bill of Materials (SBOM) from native executables. The functionality for extracting class-level metadata is now deprecated.

Extracting Embedded SBOM #

Native Image can embed a SBOM at build time to detect any libraries that may be susceptible to known security vulnerabilities. Native Image provides the --enable-sbom option to embed an SBOM into a native executable (only available in Oracle GraalVM).

The Native Image Inspect Tool can extract the compressed SBOM using the optional --sbom parameter, as shown in the command: $JAVA_HOME/bin/native-image-inspect --sbom <path_to_binary>.

Extracting Class-Level Metadata (Deprecated) #

The extraction of class-level metadata using native-image-inspect is deprecated. In GraalVM for JDK 24, a deprecation warning is printed to stderr, and this functionality will be removed in GraalVM for JDK 25. Please migrate to using class-level SBOMs instead by passing --enable-sbom=class-level,export to the native-image builder, which generates an SBOM containing the same kind of class-level metadata information.

Native Image provides the Inspect Tool to list all classes, fields, and methods included in a native executable or a native shared library.

2e4fa13d3ab (Address some docs correction requests.) Run the command $JAVA_HOME/bin/native-image-inspect <path_to_binary> to list classes, methods, fields, and constructors in the JSON format that validates against the JSON schema defined in native-image-inspect-schema-v0.2.0.json (only available in Oracle GraalVM).

The native-image builder, by default, includes metadata in the native executable which then enables the Inspect Tool to list the included methods.

The amount of data included is fairly minimal compared to the overall image size, however you can set the -H:-IncludeMethodData option to disable the metadata emission. Images compiled with this option will not be able to be inspected by the tool.

Software Bill of Materials (SBOM) #

Native Image can embed a Software Bill of Materials (SBOM) at build time to detect any libraries that may be susceptible to known security vulnerabilities. Native Image provides the --enable-sbom option to embed an SBOM into a native executable (only available in Oracle GraalVM).

The tool is able to extract the compressed SBOM using an optional --sbom parameter accessible through $JAVA_HOME/bin/native-image-inspect --sbom <path_to_binary>.

Further Reading #

Connect with us