CARD · AUR

dependency-check-cli

Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies.

  • cli-tool
  • CLI
  • SECURITY
  • Dev
  • Launchable
  • Runs in terminal
official+codex · reviewed · May 31, 2026 · description in en

Description

Project dependencies can be scanned for publicly disclosed vulnerabilities with a Software Composition Analysis tool. It is useful for developers and security reviewers who need CVE-oriented dependency checks.

This CLI can produce false positives or miss issues when metadata is incomplete. Treat results as audit evidence that needs triage, not as a complete guarantee that dependencies are safe.

How to run

dependency-check

Commands: dependency-check

Permissions

Permissions not analysed for this source yet.