Dependencies

Software Bill of Material

Weblate comes with a Software Bill of Material (SBOM) in the source core as docs/specs/sbom/sbom.json using the CycloneDX format. This can be used to review the dependencies for security issues or license compliance.

Rastreamento de dependências para vulnerabilidades

Security issues in our dependencies are monitored using Renovate. This covers the Python and JavaScript libraries, and the latest stable release has its dependencies updated to avoid vulnerabilities.

Dica

Pode haver vulnerabilidades em bibliotecas de terceiros que não afetam o Weblate, portanto, não são solucionadas com o lançamento de versões de correção de bugs do Weblate.

Segurança de contentor Docker

The Docker containers are scanned for security vulnerabilities in our CI. This allows us to detect vulnerabilities early and release improvements quickly.

You can get the results of these scans at GitHub — they are stored as artifacts on our CI as SARIF.

Veja também

Integração contínua, Renovate, Anchore