Dependency-Track#
Description#
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Dependency-Track monitors component usage across all versions of every application in its portfolio in order to proactively identify risk across an organization. The platform has an API-first design and is ideal for use in CI/CD environments.
Home page for this solution: https://dependencytrack.org/
Overview#
Key |
Value |
|---|---|
Name |
dependency-track |
Description |
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. |
License |
Apache License 2.0 |
Programming Language |
Java |
Created |
2013-07-16 |
Last update |
2025-03-20 |
Github Stars |
2935 |
Project Home Page |
|
Code Repository |
|
OpenSSF Scorecard |
Note:
Created date is date that repro is created on Github.com.
Last update is only the last date I run an automatic check.
Do not attach a wrong value to github stars. Its a vanity metric! Stars count are misleading and don’t indicate if the SBB is high-quality or very popular.