Overview

Have a look at your secure software development lifecycle posture assessment and get an overview of the risks this specific repository poses to your organization.

Security Posture

The security posture of the repository is determined by the compliance of the repository with the security policies of the organization.

10 controls are failing

To-Do's

Tasks that need to be completed before the repository is ready for production, ordered by priority.

CIA requirements set for assetCould not evaluate control

This policy checks if the CIA (Confidentiality, Integrity, Availability) requirements are set in DevGuard for the asset.

Code review for changes on default branchCould not evaluate control

This policy checks if code review is performed for changes on the default branch.

Container scanning executedCould not evaluate control

This policy checks if container scanning was executed.

Compliance Controls
Overview

Displays the compliance of the repository with the security policies of the repository.

0 / 10 Controls are passing (0.0 %)

critical severitySee all

By Risk. By CVSS you would have1critical severity vulnerabilities

high severitySee all

By Risk. By CVSS you would have2high severity vulnerabilities

medium severitySee all

By Risk. By CVSS you would have2medium severity vulnerabilities

low severitySee all

By Risk. By CVSS you would have4low severity vulnerabilities

LicensesSee all

Displays the distribution of dependency licenses

MIT

OSI Approved

MIT License, 2785 dependencies

ISC

OSI Approved

ISC License, 201 dependencies

Apache-2.0

OSI Approved

Apache License 2.0, 118 dependencies

unknown

unknown, 62 dependencies

BSD-3-Clause

OSI Approved

BSD 3-Clause "New" or "Revised" License, 42 dependencies

BSD-2-Clause

OSI Approved

BSD 2-Clause "Simplified" License, 28 dependencies

LGPL-3.0-or-later

OSI Approved

GNU Lesser General Public License v3.0 or later, 21 dependencies

0BSD

OSI Approved

BSD Zero Clause License, 13 dependencies

BlueOak-1.0.0

OSI Approved

Blue Oak Model License 1.0.0, 4 dependencies

CC0-1.0 OR MIT

CC0-1.0 OR MIT, 3 dependencies

CC-BY-4.0

Creative Commons Attribution 4.0 International, 3 dependencies

Apache-2.0 AND LGPL-3.0-or-later

Apache-2.0 AND LGPL-3.0-or-later, 3 dependencies

Apache-2.0 OR MPL-2.0

Apache-2.0 OR MPL-2.0, 3 dependencies

Python-2.0

OSI Approved

Python License 2.0, 2 dependencies

MPL-2.0

OSI Approved

Mozilla Public License 2.0, 2 dependencies

Unlicense

OSI Approved

The Unlicense, 2 dependencies

non-standard

non-standard, 2 dependencies

CC0-1.0

Creative Commons Zero v1.0 Universal, 1 dependencies

Apache-2.0 AND LGPL-3.0-or-later AND MIT

Apache-2.0 AND LGPL-3.0-or-later AND MIT, 1 dependencies

Activity StreamSee all

Displays the last events that happened on the repository.

System detected CVE-2025-27587 in debian/openssl
container-scanning
System fixed CVE-2025-48068
sca
System removed scanner: container-scanning in next
container-scanning

Overview

Security Posture

To-Do's

Compliance ControlsOverview

critical severitySee all

high severitySee all

medium severitySee all

low severitySee all

LicensesSee all

Activity StreamSee all

Compliance Controls
Overview