Works with your stack

Fits where you already work

GitHub, GitLab, Bitbucket, Slack, Jira, 9 package ecosystems. Depswright integrates with the tools your team uses — no new workflow required.

Source control

Where your code lives

GitHub

GitHub App with read-only manifest access. Inline PR annotations, GitHub Actions support, and repository webhooks for real-time scan triggers.

Setup guide

GitLab

GitLab CI component integration. Merge request annotations and pipeline status checks. Supports self-hosted GitLab EE/CE on Scale plan.

Setup guide

Bitbucket

Bitbucket Cloud webhooks with PR annotation support. Compatible with Bitbucket Pipelines. Added in v0.9.0.

Setup guide

Alerting & ticketing

Where you want to know

Slack

Post dependency alerts to a channel. Configurable severity thresholds so you get paged for critical issues, not every warning. Includes a direct link to the scan report.

Team + Scale

Jira

Auto-create Jira issues for critical dependency violations. Configures project key, issue type, priority mapping, and assignee from your Depswright policy file.

Team + Scale

Package ecosystems

9 ecosystems, full graph traversal on each

npm / yarn / pnpm

Python / pip / Poetry

Cargo (Rust)

Go modules

Maven / Gradle (JVM)

RubyGems / Bundler

NuGet (.NET)

Composer (PHP)

Swift Package Manager

More ecosystems on the roadmap. Vote for yours.

Not sure if your stack is covered?

Email us or check the docs — we're straightforward about what works and what doesn't.

Start Free Trial Ask a Question