x2y Guardian
Professional cross-language dependency vulnerability scanning
Overview
x2y-guardian is designed for developers and security teams who want a unified solution for scanning projects across multiple languages and package managers. By leveraging the OSV (Open Source Vulnerability) database and aggregating data from key security advisories, it provides accurate, up-to-date vulnerability information for dependencies.
Ensure safe and secure software projects with comprehensive vulnerability scanning across 7+ programming languages in a single tool.
Key Features
- Multi-language Support: Scan JavaScript, Python, Java, Go, Rust, PHP, and Ruby projects
- Precise Vulnerability Matching: Accurate mapping of vulnerabilities to package versions
- Comprehensive Audit: Detects outdated dependency versions in all ecosystems
- Advanced Parsing: Supports nested modules, dev-dependencies, and complex scenarios
- Multiple Output Formats: Console output for development and JSON for CI/CD integration
- Cross-platform Compatible: Works seamlessly on Windows, macOS, and Linux
Supported Ecosystems
- JavaScript/Node.js: package.json (npm)
- Python: requirements.txt, pyproject.toml (pip)
- Java: pom.xml, build.gradle, build.gradle.kts (Maven, Gradle)
- Go: go.mod (Go Modules)
- Rust: Cargo.toml (Cargo)
- PHP: composer.json (Composer)
- Ruby: Gemfile, Gemfile.lock (RubyGems)
Installation
NPM Global
npm install -g x2y-guardian
Usage
Commands
Scanning Examples
# Display greeting
x2y-guardian hello
# Scan current project in console format
x2y-guardian scan
# Scan a specific path with console output
x2y-guardian scan --path /path/to/your/project --output console
# Scan and output results as JSON
x2y-guardian scan --path /path/to/your/project --output json
# Audit dependencies for outdated versions
x2y-guardian audit
Data Sources
x2y-guardian aggregates vulnerability data from authoritative sources:
- GitHub Security Advisories
- PyPA (Python Package Authority)
- RustSec (Rust Security Advisory Database)
- Global Security Database
- OSV (Open Source Vulnerability) Schema
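
How an OSV-schema record's range events decide whether an installed version is affected, which is what "Precise Vulnerability Matching" depends on. This is an added example, not x2y-guardian's own code; the advisory record, package name and function names are constructed for illustration, and versions are assumed to be plain major.minor.patch.

```javascript
// Constructed OSV-style record: hypothetical ID and package, not a real advisory.
const advisory = {
  id: "EXAMPLE-0000-0001",
  affected: [{
    package: { ecosystem: "npm", name: "example-lib" },
    ranges: [{
      type: "SEMVER",
      events: [
        { introduced: "1.0.0" }, { fixed: "1.4.2" },
        { introduced: "2.0.0" }, { fixed: "2.1.0" },
      ],
    }],
  }],
};

// Assumption of this example: only plain major.minor.patch versions (plus OSV's "0").
function parse(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v === "0" ? "0.0.0" : v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

function cmp(a, b) {
  const x = parse(a), y = parse(b);
  for (let i = 0; i < 3; i++) if (x[i] !== y[i]) return x[i] < y[i] ? -1 : 1;
  return 0;
}

// OSV evaluation: walk events in version order; "introduced" turns the affected
// state on, "fixed" turns it off at that version, "last_affected" just after it.
function inRange(version, events) {
  const key = (e) => e.introduced ?? e.fixed ?? e.last_affected;
  const sorted = [...events].sort((a, b) => cmp(key(a), key(b)));
  let affected = false;
  for (const e of sorted) {
    if (e.introduced !== undefined && cmp(version, e.introduced) >= 0) affected = true;
    else if (e.fixed !== undefined && cmp(version, e.fixed) >= 0) affected = false;
    else if (e.last_affected !== undefined && cmp(version, e.last_affected) > 0) affected = false;
  }
  return affected;
}

// Match on ecosystem and name first, then test the version against each SEMVER range.
function isAffected(adv, ecosystem, name, version) {
  return adv.affected.some((a) =>
    a.package.ecosystem === ecosystem && a.package.name === name &&
    (a.ranges || []).some((r) => r.type === "SEMVER" && inRange(version, r.events)));
}
```

The boundaries are where scanners disagree: a `fixed` version is itself clean, while a `last_affected` version is still vulnerable.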