Can DepShield work on private Git Repositories?


Since DepShield is integrated with GutHub Public and Private repositories, what about privately housed Git repositories located on an internal network, managed by a Front end tool such as Atlassian BitBucket?



Hey @john.burrows - DepShield currently uses GitHub marketplace specific APIs to effectively monitor your project. For on premise git hosting, I would suggest looking into some of the integrations with OSS Index which can be used on your build infrastructure to inspect your project. DependencyCheck, for example, has a CLI, Maven plugin and a Jenkins plugin. These are all powered with the same data as DepShield.

Sonatype DepShield for enterprise