What’s nice about Dependabot is that it works across multiple languages and platforms. Is there an equivalent to govulncheck for, say, NPM or Python?
For Python, maybe pip-audit, and perhaps bandit for a little extra?
It doesn't have the code tracing ability that my sibling is referring to, but it's better than nothing.
> Is there an equivalent to govulncheck for, say, NPM or Python?
There never could be; these languages are simply too dynamic.