Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
-
Updated
Nov 21, 2024 - Java
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
A .NET Core global tool to check the packages for known vulnerabilities
Monitors for new or updated dependencies and provides vulnerability information wihthin the editor
Audits nodejs dependencies for known vulnerabilities.
Implement vulnerabilities scanning on top of package management system like apt, pip, composer...
Python library for querying OSS Index
Add a description, image, and links to the ossindex topic page so that developers can more easily learn about it.
To associate your repository with the ossindex topic, visit your repo's landing page and select "manage topics."