Get started with vet in under 5 minutes
For SafeDep Cloud, refer to Cloud Quickstart
Learn how to use SafeDep vet to detect security risks and implement policy-based controls that help you avoid incorporating vulnerable or malicious open source dependencies into your projects.
Homebrew (macOS/Linux)
Container Image
Pre-built Binary
Download a pre-built binary suitable for your OS at GitHub Releases
For additional installation options, refer to vet’s README.
Scan a source code repository, auto-discovering well-known manifest files:
Scan a single file
Scan a PURL
Scan a Java JAR file
Scan an OCI image
For more information on scanning options, refer to vet’s README.
vet supports a CEL-based policy language for identifying risks. Scan and fail on critical or high risk vulnerabilities:
Multiple CEL queries can be combined to create a comprehensive policy. See example. Audit your application using your opinionated policy as code:
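The following is an added example, not taken from vet's documentation: it combines two CEL rules into one policy file and wraps the scan in a gate that fails closed when the scanner cannot run. The function names, file name, rule names and the GPL-2.0 license rule are assumptions, and the suite layout (`name`, `description`, `filters` with `name` and `value`) is assumed from vet's sample filter suites, so check the README for the current schema.

```shell
#!/bin/sh
# Added example: policy-as-code gate around `vet scan`.
# Rule names and the suite layout below are assumptions, not project code.

# write_policy FILE: write a two-rule filter suite to FILE.
write_policy() {
  cat > "$1" <<'EOF'
name: baseline-oss-policy
description: Constructed example policy; tune the rules for your organisation.
filters:
  - name: critical-or-high-vulns
    value: |
      vulns.critical.exists(p, true) || vulns.high.exists(p, true)
  - name: disallowed-license
    value: |
      licenses.exists(p, p == "GPL-2.0")
EOF
}

# vet_gate DIR POLICY: scan DIR against POLICY; non-zero if any rule matches.
# Returns 2 without scanning when a prerequisite is missing, so a CI job
# never passes merely because the scanner did not run.
vet_gate() {
  dir=$1
  policy=$2
  [ -d "$dir" ] || { echo "vet_gate: no such directory: $dir" >&2; return 2; }
  [ -s "$policy" ] || { echo "vet_gate: policy missing or empty: $policy" >&2; return 2; }
  command -v vet >/dev/null 2>&1 || { echo "vet_gate: vet not on PATH" >&2; return 2; }
  # --filter-fail turns a rule match into a non-zero exit code.
  vet scan -D "$dir" --filter-suite "$policy" --filter-fail
}
```

Source the file, then run `write_policy policy.yml && vet_gate . policy.yml` from the repository root; keep the policy file under version control so that changes to it go through review.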
vet supports a native GitHub Action that can be used to easily set up policy-driven guardrails against risky OSS components.
Set up vet with GitHub Actions and Code Scanning
Integrate vet with GitLab CI/CD pipelines
Learn advanced policy configuration with CEL
Scale across your organization with SafeDep Cloud
Refer to vet GitHub Repository for the latest documentation on usage and advanced features.