Fork me on GitHub


OWASP dependency-check's core analysis engine was designed to fit into an applications normal build and reporting process:

In addition, dependency-check can be executed from the command line.

Extending dependency-check

A dependency-check-plugin maven archetype has been created to assist with creating your own analyzers.

Core Engine

Information about the core engine and the utilities used can be found: