Table of Contents
Announcing the new GitLab CI/CD Component, available in GitLab CI Catalog for seamless integration of vet in GitLab CI. Protect against vulnerable and malicious packages in your GitLab projects. This integration enables GitLab users to easily integrate vet with their GitLab CI pipelines. This integration protects GitLab projects from vulnerable and malicious packages in the dependency tree.
TL;DR
Usage
Features
- Scan all dependencies and report vulnerabilities to GitLab security dashboard
- Integrates with SafeDep Cloud to protect against malicious open source packages through active code analysis
Support
- Report bugs and feature requests to GitHub issues
- Start feature discussions at GitHub discussions
- gitlab
- cicd
- integration
- malware
Author
SafeDep Team
safedep.io
Share
The Latest from SafeDep blogs
Follow for the latest updates and insights on open source security & engineering
Miasma Worm: Most Infected GitHub Repos Are Still Live
Eight days after the Miasma worm forged a credential stealer into public GitHub repositories, most are still serving it. A re-scan of the published victim list plus a fresh code-search sweep found...
Config Files That Run Code: Supply Chain Security Blindspot
Editor and package-manager config files auto-execute commands when a developer opens a folder or installs dependencies. The Miasma worm wired one dropper into seven of them across Claude Code,...
Inside the Miasma Software Supply Chain Attack Toolkit
The Miasma worm source code appeared on GitHub through compromised developer accounts. The codebase is a full supply chain attack toolkit with credential exfiltration across AWS, Azure, GCP, and...
Miasma Worm Targets AI Coding Agents via GitHub Repos
A Miasma worm variant injects a 4.3 MB dropper into GitHub repos across multiple maintainers, wiring it to auto-run through Claude Code, Gemini, Cursor, and VS Code config files. No npm package is...
Ship Code.
Not Malware.
Start free with open source tools on your machine. Scale to a unified platform for your organization.
