Some big news from Sonatype this week. Yesterday we announced the launch of DepShield, a free GitHub app that automatically identifies vulnerabilities within open source dependencies.
DepShield supports Maven projects now with more ecosystems on the roadmap.
Try it out and let us know what you think! We have a DepShield section of the community where you can send us your feedback.