A curated list of awesome dependency check resources.
- Snyk - NodeJS, Python, Java, PHP and several other languages, but also Docker images. Commercial, with an on-premises option.
- Node Security - NodeJS.
- RetireJS - Client-side JavaScript and NodeJS.
- White Source Software - NodeJS, Python, Java, PHP and several other languages. Commercial with an enterprise.
- Greenkeeper - NodeJS.
- Gemnasium - NodeJS, Python, Java, PHP and several other languages.
- SourceClear - JavaScript, Python, Java, PHP and several other languages. Commercial.
- Hakiri - Ruby.
- bundler-audit - Ruby.
- OWASP Dependency Check - Java and .NET.
- Sonatype OSS Index - NodeJS, Python, Java, PHP and several other languages.
- Prospector - Ruby.
- Pyup - Python.
- Requires.io - Python.
- David DM - NodeJS.
- Libraries.io - NodeJS, Python, Java, PHP and several other languages.
- Tidelift - Commercial spin-off of Libraries.io.
- Appcanary - Commercial, purchased by GitHub.
- Rubysec - Security resources for Ruby community.
- Clair - Vulnerability static analysis for containers.
- Hadolint - Dockerfile linter that helps you build images based on best practice rules.

To the extent possible under law, Rafal Zawadzki has waived all copyright and related or neighboring rights to this work.