New feature! Security advisories for your dependencies.
Every time your repository si analyzed and the dependencies are detected they are checked for known vulnerabilities using our internal hand-picked security advisories database.
A typical analysis result can look like this:
If you follow the secuirty advisory link you're transfered to the details page, which has all the information needed for taking an action:
The internal database is accessible publicly by this link Security Advisories.
When we build our own database we use the following sources:
- language-specific package distributors (CPAN, npm coming soon);
- CVE databases;
- Linux and BSD distributions security advisory feeds (Debian, FreeBSD, Gentoo etc).
Sign Up and try it yourself!