Giters

schup / dependency-track

Dependency-Track is a web application that allows organizations to document the use of third-party components across multiple applications and versions.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Build Status Download

Dependency-Track

OWASP Dependency-Track is a Java web application that allows organizations to document the use of third-party components across multiple applications and versions. Further, it provides automatic visibility into the use of components with known vulnerabilities.

The OWASP Top Ten 2013 introduces, for the first time, the use of third-party components with known vulnerabilities. Dependency-Track aims to document the usage of all components, the vendors, libraires, versions and licenses used and provide visibility into the use of vulnerable components.

Development of Dependency-Track is sponsored in part by Axway

Installation, configuration and how-to's can be found on the GitHub Wiki.

General project information can be found on the OWASP Wiki.

Usage

$ mvn package

Finally, deploy the resulting WAR to your web application server (Tomcat, Jetty, etc)

Mailing List

Subscribe: [https://lists.owasp.org/mailman/listinfo/owasp_dependency_track_project] subscribe

Post: [owasp_dependency_track_project@lists.owasp.org] post

Copyright & License

Dependency-Track is Copyright (c) Axway. All Rights Reserved.

Permission to modify and redistribute is granted under the terms of the GPLv3 license. See the [LICENSE.txt] GPLv3 file for the full license.

Dependency-Track makes use of several other open source libraries. Please see the [NOTICES.txt] notices file for more information.

About

Dependency-Track is a web application that allows organizations to document the use of third-party components across multiple applications and versions.

License:GNU General Public License v3.0

Languages

Language:Java 93.7%Language:JavaScript 4.6%Language:CSS 1.5%Language:Shell 0.2%