Skip to content

GitHub App

WhiteSource Bolt for GitHub

GitHub App

WhiteSource Bolt for GitHub

We'll help you harness the power of open source without compromising on security or agility!

WhiteSource Bolt for GitHub is a FREE app, which continuously scans all your repos, detects vulnerabilities in open source components and provides fixes. It supports both private and public repositories, to make sure nothing puts your product at risk.

We've got you covered with over 200 programming languages support and continuous tracking of multiple open source vulnerabilities databases like the NVD and additional security advisories.

Find & Fix Vulnerable Open Source Libraries

WhiteSource will scan your repos every time you apply a push (you are limited to 5 scans a day per repo) and will open an issue for every vulnerable open source library dependency the minute it is added. The issue will provide you with reference links, a dependency tree (if it exists), vulnerability information, and suggested fixes.

screenshot

Using GitHub Checks in WhiteSource Bolt

WhiteSource will scan your repository as part of GitHub Checks whenever a commit is pushed to the repository. If one or more vulnerabilities were found, a report with all the new vulnerabilities will be presented. You can prevent merging pull requests in case vulnerabilities were found and the check resulted in a failure.

Your Language, Your Tools

We support over 200 programming languages, and we cover all common package managers – so we got you fully covered. Check out our language page for more details.

Most Comprehensive Vulnerability Coverage

Our database provides the largest coverage of vulnerability listings from multiple databases including the CVE/NVD, GitHub issue tracker, a wide range of security advisories, and popular open source projects issue trackers.

Getting Started

Read our documentation for guidance and how to use the app.
You can also visit our Frequently Asked Questions page here.

Looking for A More Advanced Solution?

Contact us to learn more about our full open source security and license compliance platform. Start Your Free Trial Today.

Developer

WhiteSource Bolt for GitHub is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.

Report abuse
You can’t perform that action at this time.