These sources are supported via scripts in the Utilities directory.
| Source Name | Source Description | Link for more info |
|---|---|---|
| deps.cloud | deps.cloud creates a dependency graph for your environment | deps.cloud/hacktoberfest |
These sources are not currently supported, but are planned.
| Source Name | Source Description | Link for more info |
|---|---|---|
| WhiteSource | WhiteSource is a Source Composition Analysis tool that provides license and vulnerability information about your dependencies | WhiteSource Documentation |
These sources are not currently supported. If you would like to propose a Utility that would support one of these sources, please open an issue.
| Source Name | Source Description | Link for more info |
|---|---|---|
| Debricked | Automates identification of open source vulnerabilities | Debricked Documentation |
| Dependency-Check | Scans Java and .NET applications to identify the use of known vulnerable components | Dependency-Check Documentation CLI Usage |
| Fossa | Automates open source dependency management and security | Fossa Documentation |
| GitHub | Dependency graph information for a project on GitHub | GitHub Preview |
| GitLab | Find security vulnerabilities in dependencies for a project on GitLab | GitLab Dependency Scanning |
| Nexus Repository Manager | Artifact repository that manages dependencies for open source software | Repo Manager Documentation |
| OSS Review Toolkit | Verify compliance with FOSS licenses | ORT Documentation |
| ReadyAPI | Software Composition Analysis tool that automates API testing and security | ReadyAPI Documentation |
| Snyk | Finds and fixes vulnerabilities in open source projects | Snyk Documentation Reports using JSON |
| Veracode Software Composition Analysis | Detects open source vulnerabilities | Veracode Scan Documentation CLI Usage |