VersionEye
Security, version and license alerts for your dependencies
VersionEye notifies you about new versions, license violations and security vulnerabilities in your third-party dependencies. Currently we support 11 package managers: Bundler, Composer, PIP, NPM, Bower, CocoaPods, Maven, SBT, Gradle, Leiningen and Biicode.
Versions
VersionEye will notify you via email when you have outdated third-party dependencies in your project. It's fully automated, just like your CI system, and you can choose to receive daily, weekly or monthly reminders from VersionEye.
Security
Checking your third-party dependencies for security vulnerabilities manually can be a very time-consuming and tedious task. VersionEye checks several security databases per hour and automatically notifies you as soon as it finds any security vulnerabilities in your external dependencies.
Most security issues can be fixed by simply updating the dependencies to their newest versions. You can avoid these issues in the first place by always keeping your dependencies up-to-date.
Licenses
If you are working on closed source software you might want to avoid copyleft licenses. With VersionEye you can set up a license whitelist, and if a dependency's license violates that whitelist you will get notified automatically. With the right setup VersionEye can even break your build on the CI server if there is a license violation.
VersionEye has an internal rules engine which performs license normalization using the SPDX license standard. That way you can simply put the SPDX identifiers in your license whitelist and not have to worry about different license names.
Authorize VersionEye to access your GitHub account.
VersionEye is provided by a third party and is governed by separate terms, privacy, and support documentation.
The GitHub logo, Invertocat logo, the images and other content are trademarks or copyrights of GitHub, Inc. All other trademarks are the property of their respective owners.