We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation .
Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users .
You must be logged in to block users.
Contact GitHub support about this user’s behavior. Learn more about reporting abuse .
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Java 5.9k 1.2k
The dependency-check gradle plugin is a Software Composition Analysis (SCA) tool that allows projects to monitor dependent libraries for known, published vulnerabilities.
Groovy 349 89
Java libraries for working with available vulnerability data sources (GitHub Security Advisories, NVD, EPSS, CISA Known Exploited Vulnerabilities, etc.)
Java 94 26
Demonstrates how a malicious dependency could negatively impact the build output.
Java 19 9