- No access to your code is requested. You can update your dependencies manually by uploading your Gemfile.lock or automatically using a git post-commit hook (Octotrack provides a simple script to install).
- Analyse dependencies relationships. Understand the connections between your dependencies and how much you rely on each of them.
- Daily notifications of vulnerabilities and dependencies updates. Octotrack works for you while you sleep 😴 so you never have to wake up in the middle of the night because of a security issue.
The project overview allows quick identification of CVE's, dependencies update status and immediate actions.
Invite your team to join a specific project and keep them updated of new releases and security vulnerabilities.
Easily share with anyone a PDF summarising the vulnerabilities affecting your project and get feedback.
The version of libxml2 packaged with Nokogiri contains several vulnerabilities. Nokogiri has mitigated these issues by upgrading to libxml 2.9.5. It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial...
nokogiri version 1.7.2 has been released. This is a security update based on 1.7.1, addressing two upstream libxslt 1.1.29 vulnerabilities classified as "Medium" by Canonical and given a CVSS3 score of "6.5 Medium" and "8.8 High" by RedHat. These patches only apply when using Nokogiri's vendor...