Check health of Open Source components directly from forge websites (github, gitlab, npmjs...)
Visualize versions, security vulnerabilities (CVEs), license risk and compliance of Open Source repositories directly from forge websites (github, gitlab, npmjs...), maven, packagist, nuget, etc.
Steps to use this extension:
1. Once installed, visit one of the supported repository urls (e.g., https://www.npmjs.com/package/swagger-ui) and click on the extension icon.
2. Login by using your CAST Highlight credentials or with a user token (SSO/SAML authentication is not supported)
3. See information on the repository such as vulnerabilities (CVEs), licenses, released versions, etc.
Installation and usage instructions:
https://doc.casthighlight.com/install-use-cast-highlight-sca-browser-extension/
CAST Highlight is a software intelligence product for rapid application portfolio analysis. It automatically analyzes source code of hundreds of applications in a week for Cloud Readiness, Open Source risks, Resiliency, and Agility. It combines objective software insights with qualitative surveys for business context.