DependencyTrack

DependencyTrack/dependency-track

Java | Apache-2.0 | active | beginner-friendly
Health: 83

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Stars: 3.9k
Forks: 739
Open Issues: 1.1k
Contributors: 739
Last Push: 1d ago

Health Breakdown

Activity: 25
Community: 25
Maintenance: 8
Popularity: 25
#appsec #bill-of-materials #bom #component-analysis #cyclonedx #devsecops #hacktoberfest #nvd #ossindex #owasp #package-url #purl #sbom #sca #security #security-automation #software-composition-analysis #software-security #vulnerabilities #vulnerability-detection

Should you contribute to DependencyTrack/dependency-track?

DependencyTrack/dependency-track has a FoundDev health score of 83/100, which puts it in the active-and-maintained tier. The maintainer team is shipping recently, issues are being closed, and a PR you open this week has a realistic chance of being reviewed.

Last push was 1 day ago, which signals an actively maintained project. New issues are likely to get a maintainer response within days. The project is written primarily in Java, so prior Java experience will shorten ramp-up.

Licensed under Apache-2.0, a standard OSI-approved license — safe to contribute to under normal employer IP policies.
