Announcing the new GitLab CI/CD Component for vet, available in the GitLab CI Catalog for seamless integration of vet into GitLab CI. It lets GitLab users add vet to their CI pipelines with minimal setup, protecting GitLab projects against vulnerable and malicious packages in the dependency tree.
Features
- Scan all dependencies and report vulnerabilities to the GitLab security dashboard
- Integrates with SafeDep Cloud to protect against malicious open source packages through active code analysis
Support
- Report bugs and feature requests to GitHub issues
- Start feature discussions at GitHub discussions
Author
SafeDep Team
safedep.io