Fork me on GitHub

About

Dependency-check-core is the primary library that contains analyzers used to scan (java) application dependencies. The purpose of the analysis is to identify the library used and subsequently report on any CVE entries related to the library.

The core engine can be extended by implementing new Analyzers; see the project wiki for details.

The engine is currently exposed via: