Andrei Catalin

3rd party library management tool

Hi,

I am working on Vigilib Labs, a cross-platform (Windows and Linux) desktop application (with GUI) that manages 3rd party libraries from your projects.

The tool will:

  • scan project dependencies

  • check for updated versions

  • check for license texts

  • check for known vulnerabilities

  • generate reports for audits, documentation for clients, compliance with licenses for checking restrictions for distributions of your solutions

This project aims at:

  • one-time purchase - use forever

  • integrate with various development frameworks (the MVP will include .NET and Python)

  • no account, no cloud, everything stays on your system

  • use free and open sources to check for all dependency information (versions, license, known vulnerabilities)

Example workflow:

Create a workspace -> browse for your projects -> scan your libraries -> see results in GUI -> download the report (html/pdf/other)

Notes:

  • A workspace contains system paths to the projects

  • The scan operation only scans for 3rd party libraries, not your code (e.g. for .NET C# it will scan for .csproj files and extract library information from there)

I am making this post to gather feedback on this idea, suggestions, anything from developers and companies who might be interested in such a solution, so please feel free to reach out!

I am curious about:

  • Would you use such a tool in your solution or workflow?

  • Do you use another solution to manage this? If yes, what pain points do you have?

Thank you, this means a lot to me!

Replies

Andrei Catalin

Hi all,

I made a little update and added a workflow example with some clarifications.