dejacode
Automate open source license compliance and ensure software supply chain integrity
**Is your enhancement request related to a problem? Please describe.** DejaCode allows loading packages associated with a product from an SBOM. A modern SBOM that fulfills requirements such as...
**Describe the bug** On a self-hosted instance of DejaCode, it appears that the current main branch of DejaCode does not scan individual packages after loading the SBOM. This feature seems...
Export the results of the vulnerabilities triage and processing as CSAF VEX document
Export the results of the vulnerabilities triage and processing as CycloneDX VEX document https://cyclonedx.org/capabilities/vex/ https://github.com/CycloneDX/bom-examples/tree/master/VEX
Introduce VEX Support to DejaCode - enhance data model to support a Product VEX List - provide Export capabilities to product VEX documents that comply with industry-recognized formats Here are...
We should create a base Vulnerability application management in DejaCode with these features: - [ ] CRAVEX: Create a scheduler for vulnerability lookups that will lookup in VCIO - [...
  
When working with hundreds of Inventory Items, you need the capability to search and filter by Item name. Some common use cases are: - Search/filter by package type - Search/filter...
Create models and design API to integrate external tool's reachability analysis results to inform vulnerability ranking
Re-rank the exploitability scores given the org and local app/product context and policies