OSV-Scanner is a vulnerability scanner that examines your project's list of dependencies and reports any vulnerabilities that affect the versions you're using.
As of December 2023, it supports lockfiles from C, C++, Dart, Elixir, Go, Java, JavaScript, PHP, Python, R, Ruby, and Rust. It also supports custom lockfiles: simply write some glue code to convert your lockfile into an intermediary JSON file with a particular format, and OSV-Scanner will comprehend the latter.
After confirming that a reported vulnerability is a false positive or discovering mitigations other than upgrading the package, OSV-Scanner provides the option to suppress it so that future runs will not display it.
You are about to open
Do you wish to proceed?
Thank you for your report. Information you provided will help us investigate further.
There was an error while sending your report. Please try again later.
Snaps are applications packaged with all their dependencies to run on all popular Linux distributions from a single build. They update automatically and roll back gracefully.
Snaps are discoverable and installable from the Snap Store, an app store with an audience of millions.
Snap can be installed on Pop!_OS from the command line. Open Terminal from the Applications launcher and type the following:
sudo apt update
sudo apt install snapd
Either log out and back in again, or restart your system, to ensure snap’s paths are updated correctly.
To install OSV-Scanner, simply use the following command:
sudo snap install osv-scanner
Browse and find snaps from the convenience of your desktop using the snap store snap.
Interested to find out more about snaps? Want to publish your own application? Visit snapcraft.io now.