PackageFix is described as 'Free browser-based dependency security fixer. Paste your manifest file and get back a fixed version with every vulnerable package patched — ready to download in one click' and is a vulnerability scanner in the development category. There are more than 10 alternatives to PackageFix, not only websites but also apps for a variety of platforms, including SaaS, Self-Hosted, Mac and Docker apps. The best PackageFix alternative is Mend Renovate, which is both free and Open Source. Other great sites and apps similar to PackageFix are Libraries.io, Aikido Security, OWASP Dependency-Track and Snyk.
Mend Renovate is a software product that helps developers automate dependency updates by identifying new package versions and delivering them to the application's codebase. It can generate pull requests and issues in the repository with details about the updates, including...
Discover open source libraries to use in your software projects and be notified of new releases to keep your applications up to date and secure.
Aikido Security is a developer-first software security platform. We scan your source code & cloud to show you which vulnerabilities are actually important to solve. Triaging is sped up by massively reducing false-positives and making CVEs human-readable.
Dependency-Track is an intelligent Software Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets.
Keep your dependencies on GitHub up to date without the automatic creation of the Pull Requests to update the dependency and checking for the known vulnerabilities.
https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/
Vulert notifies you if a SECURITY ISSUE is found in any of the open-source software you use. No installation needed.
Organizations worldwide use Black Duck products to secure and manage open source software, eliminating pain related to open source security vulnerabilities and open source license compliance.
Mend Bolt is designed to provide real-time security alerts and compliance issues related to your open source dependencies. It operates within Azure DevOps or GitHub, enabling you to identify and address open source vulnerabilities promptly.
FOSSA offers automated license scanning, dependency analysis and reports at each commit. Get a process up an running in 60 seconds, without slowing down development.
Depfu continuously updates your dependencies one at a time and creates a pull request with all the info you need. You stay in control.
Israel
United Kingdom
United States
Denmark
EU