OWASP dependency-check is a software composition analysis utility that d...
scanner detecting the use of JavaScript libraries with known vulnerabili...
Dependency-Track is an intelligent Component Analysis platform that allo...
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning c...
An open source tool focused on software supply chain security. 墨菲安全...
LunaSec - Dependency Security Scanner that automatically notifies you ab...
OpenSCA is an open source software supply chain security solution that s...
Tern is a software composition analysis tool and Python library that gen...
Scans your project to determine what components you use
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and repo...
A simple Java command-line utility to mirror the CVE JSON data from NIST.
ScanCode.io is a server to script and automate software composition anal...
A curated list of Software Component Analysis (SCA) books, courses - fre...
Maven plugin that integrates with a Dependency Track server to submit de...
A light-weight app to audit and inventory large codebases for open sourc...