Dependency-Track is a web application that allows organizations to document the use of third-party components across multiple applications and versions.
The OWASP Top Ten 2013 introduces, for the first time, the use of third-party components with known vulnerabilities. Dependency-Track aims to document the usage of all components, the vendors, libraires, versions and licenses used and provide visibility into the use of vulnerable components.
Development of Dependency-Track is sponsored by Axway
More information can be found on the wiki.
$ mvn package
Finally, deploy the resulting WAR to your web application server (Tomcat, Jetty, etc)
Copyright & License
Dependency-Track is Copyright (c) Axway. All Rights Reserved.
Permission to modify and redistribute is granted under the terms of the GPLv3 license. See the LICENSE.txt file for the full license.
Dependency-Track makes use of several other open source libraries. Please see the NOTICES.txt file for more information.