VersionEye

Security, version and license alerts for your dependencies

VersionEye notifies you about new versions, license violations and security vulnerabilities in your third-party dependencies. Currently we support 11 package managers: Bundler, Composer, PIP, NPM, Bower, CocoaPods, Maven, SBT, Gradle, Leiningen and Biicode.

Versions

VersionEye will notify you via email when you have outdated third-party dependencies in your project. It's fully automated, just like your CI system, and you can choose to receive daily, weekly or monthly reminders from VersionEye.

Security

Checking your third-party dependencies for security vulnerabilities manually can be a very time-consuming and tedious task. VersionEye checks several security databases per hour and automatically notifies you as soon as it finds any security vulnerabilities in your external dependencies.

Most security issues can be fixed by simply updating the dependencies to their newest versions. You can avoid these issues in the first place by always keeping your dependencies up-to-date.

Licenses

If you are working on closed-source software you might want to avoid copyleft licenses. With VersionEye you can set up a license whitelist, and if a dependency's license violates that whitelist you will get notified automatically. With the right setup VersionEye can even break your build on the CI server if there is a license violation.

VersionEye has an internal rules engine which performs license normalization using the SPDX license standard. That way you can simply put the SPDX identifiers in your license whitelist and not have to worry about different license names.
