Can DepShield work on private Git Repositories?


#1

Since DepShield is integrated with GutHub Public and Private repositories, what about privately housed Git repositories located on an internal network, managed by a Front end tool such as Atlassian BitBucket?

Thanks,
John


#2

Hey @john.burrows - DepShield currently uses GitHub marketplace specific APIs to effectively monitor your project. For on premise git hosting, I would suggest looking into some of the integrations with OSS Index which can be used on your build infrastructure to inspect your project. DependencyCheck, for example, has a CLI, Maven plugin and a Jenkins plugin. These are all powered with the same data as DepShield.


Sonatype DepShield for enterprise