Detect end-of-life (EOL) packages in container images, filesystems, and SBOMs
The End of Life (EOL) feature is a crucial component of our code quality and security product. It provides a comprehensive dashboard to monitor and manage the lifecycle status of software dependencies. This feature helps developers and security teams proactively identify and update dependencies that are approaching or have reached their end of life, thereby mitigating potential security risks and maintaining code quality.
In the context of software dependencies, End of Life refers to the point in time when a software component no longer receives updates or patches, including critical security fixes. Once a dependency reaches its end of life, it is no longer safe to use in production as it may expose the application to vulnerabilities and compliance issues.
The EOL dashboard utilizes data from the endoflife.date database, which is sponsored by Datadog and Netlify. It provides up-to-date information on the lifecycle status of various software packages. The dashboard supports the following data:
Our EOL feature tracks a wide array of packages across different ecosystems, including but not limited to:
Currently, the dashboard provides lifecycle data for 335 packages, ensuring comprehensive coverage and aiding in effective dependency management.
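How a lifecycle check of this kind can work, as an added example that is not the product's own code: it assumes cycle records shaped like endoflife.date's per-product lists (a `cycle` name and an `eol` field that is either a date string or a boolean). The product names, dates, SBOM components and the 180-day warning window are constructed for illustration.

```python
from datetime import date, timedelta

# Constructed lifecycle records (assumed shape: "cycle" plus "eol" as date string or bool).
CYCLES = {
    "examplelang": [{"cycle": "3.12", "eol": "2028-10-31"},
                    {"cycle": "3.8", "eol": "2024-10-07"}],
    "exampledb": [{"cycle": "16", "eol": False},
                  {"cycle": "14", "eol": "2025-03-01"},
                  {"cycle": "12", "eol": True}],
}

# Constructed SBOM fragment with a CycloneDX-style "components" list.
SBOM = {"components": [
    {"name": "examplelang", "version": "3.8.10"},
    {"name": "examplelang", "version": "3.12.1"},
    {"name": "exampledb", "version": "14.2"},
    {"name": "exampledb", "version": "16.0"},
    {"name": "exampledb", "version": "12.9"},
    {"name": "leftlib", "version": "1.0.0"},
]}

def find_cycle(version, cycles):
    """Match a version to its release cycle by longest dotted prefix (3.8.10 -> 3.8)."""
    by_name = {c["cycle"]: c for c in cycles}
    parts = version.split(".")
    for n in range(len(parts), 0, -1):
        rec = by_name.get(".".join(parts[:n]))
        if rec is not None:
            return rec
    return None

def classify(component, today, warn_days=180):
    """Return 'eol', 'approaching', 'supported' or 'unknown' for one component."""
    rec = find_cycle(component["version"], CYCLES.get(component["name"], []))
    if rec is None or rec.get("eol") is None:
        return "unknown"              # untracked package or cycle: surface it, do not assume safe
    eol = rec["eol"]
    if isinstance(eol, bool):         # boolean form: True = already EOL, False = no EOL date set
        return "eol" if eol else "supported"
    eol_date = date.fromisoformat(eol)
    if eol_date <= today:
        return "eol"
    if eol_date - today <= timedelta(days=warn_days):
        return "approaching"
    return "supported"

def report(sbom, today):
    return {f'{c["name"]}@{c["version"]}': classify(c, today) for c in sbom["components"]}
```

Calling `report(SBOM, date(2025, 1, 15))` yields one status per component; packages with no lifecycle record come back as `unknown` rather than being treated as supported.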
Besides tracking end-of-life dates, the EOL dashboard offers several other features to enhance its utility: