Scan Code Dependencies for Vulnerabilities

Description

Vulnerable code dependencies can cause a range of problems for your project and the people who use it. Jit integrates dependency checking into CI/CD via a tool that automatically runs for every new PR.

| Stack layer | Security domain | Security tools initiated by this item |
| --- | --- | --- |
| Code | Dependency check (SCA) | OSV-scanner, Npm-audit, Nancy |

Monorepo support

Additional configuration steps are required to enable dependency scanning via Npm-audit within monorepos. For complete instructions, see Monorepo Support.