Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
智能组件分析平台,用于识别和降低软件供应链风险
RetireJS/retire.js
4,137
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
检测JavaScript库已知漏洞并生成SBOM的扫描器