🍺 BREW Explorer

← all formulae

osv-scanner

brew install osv-scanner v2.4.0 Apache-2.0

Go command-line tool that scans project dependencies against the OpenSource Vulnerabilities (OSV) database for known security flaws.

Why you might care

Detects vulnerable dependencies across multiple package managers and lockfiles (npm, pip, Maven, etc.) without requiring network calls for each package. Faster and more accurate than manual audits, and integrates directly into CI/CD pipelines for continuous vulnerability scanning.

Categories

security scanner sysadmin

Alternatives

npm audit snyk dependabot cargo-audit
2.2k
30-day installs · #926
6.9k
90-day · #958
18.9k
365-day · #1088

Build dependencies

go

Links

Blurb generated by claude-haiku-4-5 on today.

Raw metadata 
{
  "aliases": [],
  "alternatives": [
    "npm audit",
    "snyk",
    "dependabot",
    "cargo-audit"
  ],
  "build_dependencies": [
    "go"
  ],
  "categories": [
    "security",
    "scanner",
    "sysadmin"
  ],
  "caveats": null,
  "conflicts_with": [],
  "dependencies": [],
  "deprecated": 0,
  "deprecation_reason": null,
  "desc": "Vulnerability scanner which uses the OSV database",
  "disable_reason": null,
  "disabled": 0,
  "enrichment_fetched_at": "2026-06-20T23:41:12+00:00",
  "first_seen": "2026-06-20T23:34:18+00:00",
  "full_name": "osv-scanner",
  "github_default_branch": null,
  "github_last_commit_at": null,
  "github_readme_excerpt": null,
  "github_repo": null,
  "github_stars": null,
  "github_topics": [],
  "homepage": "https://google.github.io/osv-scanner/",
  "homepage_og_description": "Use OSV-Scanner to find existing vulnerabilities affecting your project\u2019s dependencies.",
  "homepage_og_image": null,
  "homepage_title": "OSV-Scanner | Use OSV-Scanner to find existing vulnerabilities affecting your project\u2019s dependencies.",
  "installs_30d": 2226,
  "installs_365d": 18901,
  "installs_90d": 6860,
  "keg_only": 0,
  "keg_only_reason": null,
  "last_seen": "2026-06-20T23:34:18+00:00",
  "license": "Apache-2.0",
  "llm_generated_at": "2026-06-20T23:47:54+00:00",
  "llm_model": "claude-haiku-4-5",
  "name": "osv-scanner",
  "oldnames": [],
  "one_liner": "Go command-line tool that scans project dependencies against the OpenSource Vulnerabilities (OSV) database for known security flaws.",
  "optional_dependencies": [],
  "rank_30d": 926,
  "rank_365d": 1088,
  "rank_90d": 958,
  "raw_hash": "3a125ca7d054d3a7",
  "recommended_dependencies": [],
  "revision": 0,
  "ruby_source_path": "Formula/o/osv-scanner.rb",
  "tap": "homebrew/core",
  "test_dependencies": [
    "go"
  ],
  "uses_from_macos": [],
  "version_head": "HEAD",
  "version_stable": "2.4.0",
  "versioned_formulae": [],
  "why_use_this": "Detects vulnerable dependencies across multiple package managers and lockfiles (npm, pip, Maven, etc.) without requiring network calls for each package. Faster and more accurate than manual audits, and integrates directly into CI/CD pipelines for continuous vulnerability scanning."
}