OP

OpenSCA-cli

OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities, and license compliance.
Latest: 3.0.10 Web Scrape
Last checked: Mar 9, 2026 6:44pm
Followers: 0
Rank: 1128/17421
Also monitored via:
GitHub Releases Site Monitor Winget
Report

Overview

0
License: Apache-2.0Installer: CLI binaryWinget: Available
Product Page Support Page Download Page

Version & Lifecycle

0
Current: 3.0.10 N-2: 3.0.8 Oldest supported: 1.0.5 Avg cadence: Every 65 days

Tags

0
security supply chain open source vulnerability scanning license analysis CLI

Top Contributors

Top sitewide contributors:

  1. Anbarasan
  2. nico_k
  3. Bob
  4. Vigneshwaran

Community Notes

Command-line note • March 12, 2026
0

OpenSCA-cli – Command-line note

For enterprise deployment of OpenSCA-cli on Windows, download the appropriate executable from GitHub releases, unzip it to a target directory like C:ToolsOpenSCA-cli, and add that directory to the system PATH environment variable for seamless access across scripts and users.
Use opensca-cli -path %PROJECT_PATH% -config %CONFIG_PATH% in deployment automation or CI/CD pipelines, with config.json handling advanced settings like output formats and tokens.

Release Notes & Updates

0
Avg cadence:
Updates • 0

Packaging Notes

0

Supports macOS (Apple Silicon, Intel) and Linux (ARM64, x86_64). Can be executed directly after decompression without environment variables.

Notes

0

OpenSCA supports local and cloud vulnerability databases including CVE/CWE/NVD/CNVD/CNNVD. It is open source and available on GitHub. Silent install/uninstall commands are not documented.