Integrations
Scan your projects for open source vulnerabilities, and build security into your development toolchain with native tools and integrations. The following scan tools all utilize the OSS Index public REST API.
Java / JVM
JavaScript
- AuditJS scans npm projects
- VS Code plugin
Go
- Nancy scans Golang projects
C/C++
- Cheque scans C/C++ projects
PHP
- Bach scans Composer projects
Ruby
- Chelsea scans RubyGem projects
Rust
- Cargo Pants scans Cargo projects
R
- oysteR scans R projects
Other
- Ahab scans apt and yum operating systems
- OWASP Dependency-Check is an SCA utility for scanning project dependencies
- OWASP Dependency-Track is a component analysis platform
- OSS Review Toolkit is a suite of tools to assist with reviewing dependencies