dep-scan: Fully open-source security audit for project dependencies

From securityonline.info

dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories, and licenses limitations. Both local repositories and container images are supported as input. The tool is ideal for CI environments with built-in build breaker logic.

Read more…