Table of Contents
Announcing the new GitLab CI/CD Component, available in GitLab CI Catalog for seamless integration of vet in GitLab CI. Protect against vulnerable and malicious packages in your GitLab projects. This integration enables GitLab users to easily integrate vet with their GitLab CI pipelines. This integration protects GitLab projects from vulnerable and malicious packages in the dependency tree.
TL;DR
Usage
Features
- Scan all dependencies and report vulnerabilities to GitLab security dashboard
- Integrates with SafeDep Cloud to protect against malicious open source packages through active code analysis
Support
- Report bugs and feature requests to GitHub issues
- Start feature discussions at GitHub discussions
- gitlab
- cicd
- integration
- malware
Author
SafeDep Team
safedep.io
Share
The Latest from SafeDep blogs
Follow for the latest updates and insights on open source security & engineering
Malicious npm Package pino-sdk-v2 Exfiltrates Secrets to Discord
A malicious npm package impersonating the popular pino logger was detected by SafeDep. The package hides obfuscated code inside a legitimate library file to steal environment secrets and send them to...
Integrate SafeDep MCP in GitHub Agentic Workflow
Learn how to integrate SafeDep MCP with GitHub Agentic Workflows to automatically evaluate the security posture of OSS dependencies in your pull requests using AI.
Gryph: Audit Trail for AI Coding Agents
AI coding agents operate with broad access to your codebase, credentials, and shell. Gryph logs every action they take to a local SQLite database, making agent behavior visible, queryable, and...
Shadow AI Discovery: Find Every AI Tool and SDK in Your Stack
AI tools and SDKs are spreading across developer environments faster than security teams can track. vet discovers agents, MCP servers, extensions, and AI SDK usage in code. Open source, local, one...
Ship Code
Not Malware
Install the SafeDep GitHub App to keep malicious packages out of your repos.
Install GitHub App