/* Remove underline from links on hover */
a:hover {
  text-decoration: none !important;
}

/* Ensure no underline on card links */
.card a:hover,
.card-link:hover {
  text-decoration: none !important;
}

/* Remove underline from navigation links */
nav a:hover,
.nav-link:hover {
  text-decoration: none !important;
}

/* Remove underline from content links while maintaining visual feedback */
.content a:hover,
.prose a:hover {
  text-decoration: none !important;
}

/* Remove underline from anchor links in global navigation */
.global-anchor:hover,
.anchor-link:hover {
  text-decoration: none !important;
}

/* Ensure all link types don't show underline on hover */
a[href]:hover {
  text-decoration: none !important;
}

Welcome

Introduction

SafeDep Documentation

Secure your open source software supply chain with SafeDep

Welcome to SafeDep

Quick Start

Understanding the need for automated open source dependency vetting

Why vet?

Free and open source tool for identifying risks in open source software supply chain

About vet

Integrate vet with GitHub Actions and Code Scanning for automated security alerts

GitHub Code Scanning

Native GitLab integration for dependency security scanning with vet

GitLab Dependency Scanning

Integrate vet with DefectDojo for centralized vulnerability tracking and management

DefectDojo Integration

Generate comprehensive Software Bill of Materials (SBOM) with security metadata using vet

CycloneDX SBOM Generation

Generate accurate dependency inventories using package managers and SBOM tools

Dependency Inventory

Analyze code and dependency usage patterns with vet's code analysis features

Code Analysis

Identify which dependencies are actually used in your code using static code analysis

Dependency Usage Identification

Build applications that leverage SafeDep Insights API using TypeScript and ConnectRPC

Insights API with TypeScript

Audit Terraform provider inventory for supply chain risks using SafeDep Cloud

Terraform Supply Chain Audit

Use CEL expressions to filter and analyze dependencies with flexible criteria

Filtering

Speed up filtering and reporting by working with enriched JSON data dumps

Build Your Own Queries

Automate security policy enforcement with CEL-based rules

Policy as Code

Manage false positives and acceptable risks with time-bound exceptions

Exceptions Management

Exclude specific directories and files from security scans using pattern matching

Path Exclusion

Control and management plane for open source software supply chain security

SafeDep Cloud Overview

Get started with SafeDep Cloud in under 10 minutes

Cloud Quick Start

Understand SafeDep Cloud authentication methods and API access patterns

Authentication

Synchronize vet scan data and policy violations with SafeDep Cloud for centralized analysis, query and reporting

Cloud Sync

Detect malicious packages in your dependencies using SafeDep Cloud's advanced code analysis capabilities

Malware Analysis

Frequently asked questions about SafeDep Cloud authentication and usage

Cloud FAQ

Join the SafeDep and vet user community for support and discussions

Community

Frequently asked questions about using vet and troubleshooting common issues

Useful references and resources for open source security and supply chain protection

API Documentation

​Welcome

Welcome