OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

No description provided.

Manage third-party license compliance in your Rollup or Vite builds. Automatically discover every dependency, extract its license info, fail builds with disallowed licenses, and generate a complete “bill-of-materials” in JSON, HTML, CSV or custom formats.

List installed Python packages by on-disk size (largest first). Zero dependencies. Ideal for cleaning bloated global/site-packages installs.

Solana-specific dependency auditor. Catches abandoned packages, deprecated SDKs, and malicious packages that npm audit misses.

Dependency audit, vulnerability scanning & license compliance. 10 package managers, 100% local, zero telemetry.

CLI to scan project dependencies and produce a single HTML report

Scans your project's dependencies and flags zombie packages — abandoned, outdated, or imported-but-unused — before they become a security or maintenance nightmare

A binary tool that checks if vulnerability reports from dep-scan meet predefined security thresholds.