- No access to your code is requested. You can update your dependencies manually by uploading your Gemfile.lock or automatically using a git post-commit hook (Octotrack provides a simple script to install).
- Analyse dependencies relationships. Understand the connections between your dependencies and how much you rely on each of them.
- Daily notifications of vulnerabilities and dependencies updates. Octotrack works for you while you sleep 😴 so you never have to wake up in the middle of the night because of a security issue.
The project overview allows quick identification of CVE's, dependencies update status and immediate actions.
Invite your team to join a specific project and keep them updated of new releases and security vulnerabilities.
Easily share with anyone a PDF summarising the vulnerabilities affecting your project and get feedback.
Loofah allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments.