
Some kind of vulnerability tracker for dependencies. You type `gradle somecommand` and it will walk the dependency graph, incl all transient ones, and show you which dependencies currently have an active vulnerability affecting them and the version that fixes it.


Snyk does exactly this. You can also integrate it with Bitbucket to automatically make PRs with upgraded package versions.


Isn't that what Dependabot does?



