dependency-check ☆

« Back to VersTracker

Description:
OWASP dependency-check

Type: Formula | Latest Version: 12.1.9@0 | Tracked Since: Dec 17, 2025

Links: Homepage | @owasp | formulae.brew.sh

Category: Security

Tags: security vulnerability-scanning owasp sca dependencies

Install: brew install dependency-check

About:
OWASP Dependency-Check is a software composition analysis (SCA) utility that identifies project dependencies and checks if there are any known, publicly disclosed vulnerabilities. It scans for dependencies across multiple package management systems and generates a comprehensive report of security issues. This tool helps developers maintain secure applications by proactively detecting risks in third-party libraries.

Key Features:

Supports multiple package managers (Maven, Gradle, npm, pip, etc.)
Automated vulnerability scanning against the National Vulnerability Database (NVD)
Generates detailed HTML, XML, and JSON reports
Integration capabilities for CI/CD pipelines

Use Cases:

Auditing existing applications for known security vulnerabilities
Integrating security scanning into CI/CD pipelines
Generating compliance reports for software supply chain security

Alternatives:

Snyk – Snyk offers a SaaS platform with real-time vulnerability databases and remediation advice, whereas Dependency-Check is an open-source CLI tool primarily using the NVD.
Trivy – Trivy is a comprehensive scanner often used for container images and filesystems, while Dependency-Check specializes in library dependency analysis.

License: Apache-2.0

Dependencies: openjdk

Bottles available for: all

Version History

Detected	Change	Commit
Nov 11, 2025 1:56pm	VERSION_BUMP	12456fda
Sep 24, 2025 2:00pm	VERSION_BUMP	07c2bbf4
Jan 11, 2025 4:54pm	VERSION_BUMP	4965ac14
Dec 4, 2024 1:59pm	VERSION_BUMP	91a33824
Oct 30, 2024 12:32pm	VERSION_BUMP	03102ee4