Checking potential vulnerabilities in project dependencies
Software projects nowadays are based on many third party and open source libraries. It is important to be aware of any potential security vulnerabilities in these components, to ensure our own software project is secure. Thanks to OSSIndex and Vor Security, we now have a vulnerability report ready for your MyGet feed!
While still in preview, every feed now has a Vulnerabilities tab which reports potential vulnerabilities in packages on that feed, whether NuGet, npm or Bower.
The vulnerability report provides us with an overview of potential vulnerabilities in our dependencies. We can also see the percentage of packages with potential vulnerabilities versus the percentage of packages with no known vulnerabilities.
Give it a go, we’re looking forward to your feedback on this new feature! Leave your comments below or reach out on Twitter.