osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Use OSV Scanner to find existing vulnerabilities affecting your project's dependencies. OSV Scanner provides an officially supported frontend to the OSV database and CLI interface to OSV Scalibr that connects a project’s list of dependencies with the vulnerabilities that affect them. It has reached 10,334 GitHub stars, written primarily in Go.

Why now: Recent coverage — "Google OSV-Scanner: Open Source Vulnerability Scanner" — alongside renewed developer interest is driving current visibility.

• 10,334 GitHub stars, 706 forks — verifiable at github.com/google/osv-scanner.
• Primary language Go; topics: scanner, security-audit, security-tools, vulnerability-scanner.
• Licensed Apache-2.0.
• Third-party coverage: "Google OSV-Scanner: Open Source Vulnerability Scanner".

Considerations: Solid adoption (10,334 stars) but quiet cross-source signal right now — established utility more than a current breakout.

EARLY MOMENTUM · Research: Adoption is real but cross-source confirmation is thin — a short hands-on trial (Go) will tell you more than the metrics.

Sources: google/osv-scanner on GitHub · Project homepage · Google OSV-Scanner: Open Source Vulnerability Scanner · How to use OSV Scanner for free | Amorn Apichattanakul posted on the topic | LinkedIn · FreshPorts -- security/osv-scanner: Vulnerability scanner written in Go which uses the OSV database