OSV-Scanner

Pro Plan Feature

This feature is available exclusively as part of the Pro plan and is not included in the Lite plan. Please refer to our pricing page for more information about our plans and features.

OSV-Scanner is Google's vulnerability scanner that identifies vulnerabilities in your project's dependencies using the OSV.dev database.

Configuration

OSV-Scanner requires an osv-scanner.toml configuration file to run.

note

CodeRabbit will only run OSV-Scanner if your repository contains an osv-scanner.toml configuration file.

Links

• OSV-Scanner GitHub Repository
• OSV-Scanner Documentation
• OSV.dev Database