SafeDep
SafeDep scans open source packages for malicious code before they are introduced in your repositories
By safedep
59 installs
Verified
SafeDep blocks malicious open source packages from getting into your code as dependencies.
Install SafeDep to continuously scan your pull requests for malicious code. The SafeDep app proactively protects your open source software supply chain by identifying and blocking threats in real time, before they ever reach your codebase.
Key Features
- Continuous Scanning: Automated analysis of pull requests, code, and dependency changes
- Real-time Threat Intelligence: Leverage SafeDep's continuous scanning of open source packages
- Proactive Protection: Block malicious code from OSS packages before it's merged
- Seamless Integration: Install with zero friction and get instant protection in your GitHub repositories
Key Benefits
- Protect against malicious code from open source libraries
- Identify vulnerable (CVE) open source packages
- Prevent open source dependencies with risky licenses
Getting Started
Requirements:
- Plan: Free for public repositories
- User Permissions: Read access to contents, write access to pull requests for writing comments
How it works
- SafeDep continuously scans open source package code for malicious intent
- All pull requests (PRs) are scanned for open source packages introduced or changed in the PR
- All changes in the OSS supply chain are scanned using SafeDep's knowledge of malicious packages
- Malicious packages are blocked at the pull request stage








Plans and pricing
Free for public repositories. Preview access for private repositories. Limits may apply in the future for private repositories.
$0
- Unlimited public repositories
- Limited private repositories
- Malicious package scanning
- CI/CD integration
SafeDep is provided by a third party and is governed by separate terms of service, privacy policy, and support documentation.