Scan Code Dependencies for Vulnerabilities
Description
Vulnerable code dependencies can cause a range of problems for your project and the people who use it. Jit integrates dependency checking into CI/CD via a tool that automatically runs for every new PR.
| Stack layer | Security domain | Security tools initiated by this item |
|---|---|---|
| Code | Dependency check (SCA) | - OSV-scanner - Npm-audit - Nancy |
Monorepo support
Additional configuration steps are required to enable dependency scanning via Npm-audit within monorepos. For complete instructions, see Monorepo Support.
Updated 14 days ago