Software Composition Analysis - SCA

Collection of tools

General

https://github.com/google/osv-scanner
https://github.com/jeremylong/DependencyCheck
https://snyk.io/
https://semgrep.dev/

Python

https://github.com/pyupio/safety/
https://github.com/tilakthimmappa/pyraider

NodeJs

https://docs.npmjs.com/cli/v10/commands/npm-audit

References

https://github.com/magnologan/awesome-sca
PreviousSoftware Bill of Materials - SBOMNextSource Code Audit

Last updated