dependency-check
« Back to VersTracker
Description:
OWASP dependency-check
Type: Formula  |  Latest Version: 12.1.9@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  @owasp  |  formulae.brew.sh
Category: Security
Tags: security vulnerability-scanning owasp sca dependencies
Install: brew install dependency-check
About:
OWASP Dependency-Check is a software composition analysis (SCA) utility that identifies project dependencies and checks if there are any known, publicly disclosed vulnerabilities. It scans for dependencies across multiple package management systems and generates a comprehensive report of security issues. This tool helps developers maintain secure applications by proactively detecting risks in third-party libraries.
Key Features:
  • Supports multiple package managers (Maven, Gradle, npm, pip, etc.)
  • Automated vulnerability scanning against the National Vulnerability Database (NVD)
  • Generates detailed HTML, XML, and JSON reports
  • Integration capabilities for CI/CD pipelines
Use Cases:
  • Auditing existing applications for known security vulnerabilities
  • Integrating security scanning into CI/CD pipelines
  • Generating compliance reports for software supply chain security
Alternatives:
  • Snyk – Snyk offers a SaaS platform with real-time vulnerability databases and remediation advice, whereas Dependency-Check is an open-source CLI tool primarily using the NVD.
  • Trivy – Trivy is a comprehensive scanner often used for container images and filesystems, while Dependency-Check specializes in library dependency analysis.
License: Apache-2.0
Dependencies: openjdk
Bottles available for: all
Version History
Detected Version Rev Change Commit
Nov 11, 2025 1:56pm 0 VERSION_BUMP 12456fda
Sep 24, 2025 2:00pm 0 VERSION_BUMP 07c2bbf4
Jan 11, 2025 4:54pm 0 VERSION_BUMP 4965ac14
Dec 4, 2024 1:59pm 0 VERSION_BUMP 91a33824
Oct 30, 2024 12:32pm 0 VERSION_BUMP 03102ee4