
Missing Software Composition Analysis (SCA) Scanning

Checks for repositories that do not have Software Composition Analysis (SCA) scanning enabled.

Examples

GitHub

Ensure Dependabot alerts are automatically enabled on new repositories.

Insecure Example

Insecure Dependabot Configuration

Secure Example

Secure Dependabot Configuration
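One way to audit this setting across an organization is sketched below. It is an added example, not part of the original page or of any scanner's own code. It reads the organization's default for new repositories and then lists existing repositories where Dependabot alerts are not enabled, using the GitHub REST API. The `GITHUB_TOKEN` environment variable, the function names and the organization name passed on the command line are assumptions of this example.

```python
import json
import os
import urllib.error
import urllib.request

API = "https://api.github.com"


def github_get(path):
    """Return (status, parsed_body) for a GitHub REST GET.

    Assumption of this example: the token is supplied in GITHUB_TOKEN.
    """
    req = urllib.request.Request(API + path, headers={
        "Accept": "application/vnd.github+json",
        "Authorization": "Bearer " + os.environ["GITHUB_TOKEN"],
    })
    try:
        with urllib.request.urlopen(req) as resp:
            raw = resp.read()
            return resp.status, (json.loads(raw) if raw else None)
    except urllib.error.HTTPError as err:
        return err.code, None


def audit_dependabot(org, get=github_get):
    """Report the org default for new repos and existing repos without alerts."""
    status, settings = get(f"/orgs/{org}")
    if status != 200:
        raise RuntimeError(f"cannot read org settings for {org}: HTTP {status}")
    # Returned to organization owners only; None here means "unknown", not "off".
    default_on = settings.get("dependabot_alerts_enabled_for_new_repositories")
    missing, page = [], 1
    while True:
        status, repos = get(f"/orgs/{org}/repos?per_page=100&page={page}")
        if status != 200:
            raise RuntimeError(f"cannot list repositories: HTTP {status}")
        if not repos:
            break
        for repo in repos:
            # 204 = alerts enabled; 404 = not enabled (or token lacks access).
            code, _ = get(f"/repos/{org}/{repo['name']}/vulnerability-alerts")
            if code != 204:
                missing.append(repo["name"])
        page += 1
    return {"new_repo_default": default_on, "repos_without_alerts": sorted(missing)}


if __name__ == "__main__":
    import sys
    print(json.dumps(audit_dependabot(sys.argv[1]), indent=2))
```

A `new_repo_default` of `false` corresponds to the insecure configuration above. A non-empty `repos_without_alerts` list shows repositories created before the default was turned on.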