LunaSec
Open-source supply chain security scanner that automatically detects vulnerabilities like Log4Shell in dependencies and notifies via GitHub pull requests.
What is LunaSec?
LunaTrace is an open-source supply chain security scanner that automatically detects vulnerabilities in project dependencies, such as Log4Shell or node-ipc, and alerts developers through GitHub pull requests and builds. It helps teams prevent security risks from reaching production by integrating vulnerability checks directly into their development workflow. The tool provides a centralized web console for tracking dependencies and their security status across projects.
Development and security teams working on software projects with dependencies, particularly those using GitHub for version control and CI/CD pipelines. It is ideal for organizations seeking to automate vulnerability detection and reduce manual security oversight.
Developers choose LunaTrace because it offers a free, open-source alternative to commercial tools like Snyk, with the flexibility of self-hosting or using a SaaS version. Its deep integration with GitHub pull requests provides actionable, timely alerts that fit seamlessly into existing development processes, making security proactive rather than reactive.
Overview
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Use Cases
Best For
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
