Google has launched the OSV-Scanner, “a free tool that gives open source developers easy access to vulnerability information relevant to their project.”
“Running OSV-Scanner on your project will first find all the transitive dependencies that are being used by analyzing manifests, SBOMs, and commit hashes. The scanner then connects this information with the OSV database and displays the vulnerabilities relevant to your project,” says Rex Pan in the announcement.
Learn more at the Google Online Security blog.
Ready to find a job? Check out the latest job listings at Open Source JobHub.
Comments