Free developer tools for tracking software release risk. CVE monitoring, end-of-life checks, dependency scanning, and upgrade planning.
Browse 65 Free ToolsReal-time vulnerability monitoring across your entire stack. Filter by severity, CVSS score, and technology.
Security FreeUpload package.json, requirements.txt, go.mod, or any dependency file. Get a full CVE report with fix versions.
Security FreeAudit Dockerfiles for security misconfigurations, root user, hardcoded secrets, and 50+ other rules. Get fix suggestions.
Security FreePaste Kubernetes manifests and check against 99 deprecation rules. Auto-fix suggestions for removed APIs.
Security FreeAudit GitHub Actions workflows for unpinned versions, excessive permissions, and known vulnerable actions.
Security FreeVisual timeline showing when your technologies reach end of life. Plan upgrades before support expires.
FreeGet a health grade for your entire technology stack based on EOL status, CVE exposure, and update freshness.
FreeGet opinionated upgrade paths with effort estimates and breaking change warnings for any tracked technology.
FreeGenerate production-ready Nginx configurations with SSL, rate limiting, caching, and security headers.
FreeGenerate version, health, EOL, and CVE status badges for your GitHub README. 300+ technologies supported.
FreeUpload CycloneDX or SPDX SBOMs. Get compliance reports, license analysis, and supply chain risk scoring.
Security FreeScan any project directory for dependency health. Detects versions from package.json, go.mod, Dockerfile, requirements.txt, and more. Generates version-specific README badges.
Free12 security checks — runAsRoot, privileged containers, missing resource limits, hardcoded secrets. A–F score with fixes.
Security FreeScan docker-compose.yml for Docker socket mounts, privileged containers, hardcoded secrets, and DB ports open to the world.
Security FreeScan workflows for pull_request_target misuse, missing permissions blocks, and hardcoded credentials. A–F score.
Security FreeCheck .tf files for hardcoded AWS credentials, open SSH/DB ports, public S3 buckets, unencrypted RDS/EBS, no deletion protection.
Security FreeCheck any URL for missing security headers: HSTS, CSP, X-Frame-Options, Permissions-Policy, and 6 more. Nginx snippet to fix them.
Security FreePaste package.json and find deprecated, abandoned (2y+), and single-maintainer risk packages.
FreePaste requirements.txt and find yanked packages, abandoned deps (5y+), and version gaps against PyPI.
FreePaste go.mod and find major version gaps, pseudo-versions, and stale dependencies via the Go module proxy.
FreePaste Cargo.toml and find yanked crates, major version gaps, and abandoned crates.io packages.
FreePaste pom.xml or Maven coordinates. Flags outdated Spring Boot, log4j 1.x EOL, and Log4Shell-vulnerable log4j 2.x versions.
FreeCheck every uses: action for outdated versions, mutable tag pinning, and unverified publishers.
Security FreeAdd stack health checks to your CI pipeline. Posts grade reports on PRs, fails builds on EOL dependencies, auto-updates README badges.
FreeCompact single-product widget for docs, dashboards, internal portals, and READMEs. Shows support status, days to EOL, and live badges.
Executive-style stack summary for engineering dashboards. Shows weighted score, grade, support/risk/EOL counts, and a CTA back to ReleaseRun.
ReleaseRun tracks software releases across 50+ technologies including Node.js, Python, Go, Rust, Kubernetes, Docker, PostgreSQL, React, Terraform, and more. Each technology gets a dedicated hub page with lifecycle timelines, upgrade paths, risk scoring, and version comparisons.
Our 30 free tools are built for engineering teams who need to understand release risk before upgrading. Everything runs client-side, no signup required. We also offer a CLI tool (v1.4.0), a GitHub Action, and embeddable badges for your READMEs.
We track 1,029 individual version pages with EOL dates, support status, and security advisories across all technologies. Our grading methodology is fully transparent.