Fork me on GitHub


Dependency-check-core is the primary library that contains analyzers used to scan (java) application dependencies. The purpose of the analysis is to identify the library used and subsequently report on any CVE entries related to the library.

The core engine can be extended by implementing new Analyzers; see the project wiki for details.

The engine is currently exposed via: