← Back to Discover
DependencyTrack

DependencyTrack/dependency-track

JavaApache-2.0activebeginner-friendly
83Health

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Stars4.0k
Forks773
Open Issues1.1k
Contributors773
Last Push5d ago

Health Breakdown

Activity
25
Community
25
Maintenance
8
Popularity
25
#appsec#bill-of-materials#bom#component-analysis#cyclonedx#devsecops#hacktoberfest#nvd#ossindex#owasp#package-url#purl#sbom#sca#security#security-automation#software-composition-analysis#software-security#vulnerabilities#vulnerability-detection
View on GitHub ↗Issues (1.1k) ↗Pull Requests ↗

Should you contribute to DependencyTrack/dependency-track?

DependencyTrack/dependency-track has a FoundDev health score of 83/100, which puts it in the active-and-maintained tier. The maintainer team is shipping recently, issues are being closed, and a PR you open this week has a realistic chance of being reviewed.

Last push was 5 days ago — that signals an actively maintained project. New issues are likely to get a maintainer response within days. The project is written primarily in Java, so prior Java experience will shorten ramp-up.

Licensed under Apache-2.0, a standard OSI-approved license — safe to contribute to under normal employer IP policies.

Community

DependencyTrack83

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

activebeginner-friendly
4.0k773 contributors1.1k issues
5d ago

More Java repos

apache
apache/cxf
Apache CXF
92299
apache
apache/fineract
Apache Fineract
2.3k99
apache
apache/camel
Apache Camel is an open source integration framework with 350+ connectors. Write routes in Java, YAML, or XML. Run on Spring Boot, Quarkus, or standalone. Apache License 2.0.
6.3k98