-
dependency-check-gradle
The dependency-check gradle plugin is a Software Composition Analysis (SCA) tool that allows projects to monitor dependent libraries for known, published vulnerabilities.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
For small projects I use whatever CVE scanner is free, such as npm audit, or OWASP dependency check. There are several projects that wrap OWASP's tool or use its database. In corporate environments, I've had to work with Blackduck and Checkmarx.
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a more popular project.
Related posts
-
Setting up linters in Gitlab CI for C++ and Groovy / Jenkins code
-
Mastering Spring Cloud Gateway Testing: Filters (part 2)
-
Mocking with Groovy
-
Gradle's leaky abstractions: Declarative(ish) shell, imperative core: Implementing a safe(ish) global configuration DSL
-
SkillTree: Micro-Learning Gamification Platform