Keeping up with dependencies like a boss

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/programming
#Containers #Docker #Go #Golang #Static Analysis

Our great sponsors
  • SonarQube - Static code analysis for 29 languages.
  • InfluxDB - Build time-series-based applications quickly and at scale.
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • syft

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems

    I'll continue relying on Anitya for the feed and syft/grype to build my SBOM and track vulnerabilities.

  • grype

    A vulnerability scanner for container images and filesystems

    I'll continue relying on Anitya for the feed and syft/grype to build my SBOM and track vulnerabilities.

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts