Skip to content
Mend Bolt

Mend Bolt

Detect open source vulnerabilities in real time with suggested fixes for quick remediation

by mend5,276 installs


Supported languages

JavaScript, Ruby, C++, Python, C, PHP, Objective-C, Java, Go, and C#

We'll help you harness the power of open source without compromising on security or agility!

Mend Bolt for GitHub is a FREE app, which continuously scans all your repos, detects vulnerabilities in open source components and provides fixes. It supports both private and public repositories.

We've got you covered with over 200 programming languages support and continuous tracking of multiple open source vulnerabilities databases like the NVD and additional security advisories.

Find & Fix Vulnerable Open Source Libraries

Mend Bolt for GitHub (formerly WhiteSource) scans your repos every time you apply a push (limited to 5 scans/day per repo) and opens an issue for every vulnerable open source library. The issue will include reference links, a dependency tree (if exists), vulnerability info, and suggested fixes. Using GitHub Checks, a report will be created with all new vulnerabilities, enabling you to prevent merging pull requests.

Your Language, Your Tools

We support over 200 programming languages, and we cover all common package managers – so we got you fully covered. Check out our language page for more details.

Most Comprehensive Vulnerability Coverage

Our database provides the largest coverage of vulnerabilities from multiple databases including the CVE/NVD, GitHub issue tracker, security advisories, and popular open source projects issue trackers.

WhiteSource Bolt for GitHub Issue

Pricing and setup

Unlimited number of repositories per user. Up to 5 scans per repo per day.


WhiteSource Bolt

Unlimited number of repositories per user. Up to 5 scans per repo per day.

  • Free

Next: Confirm your installation location

Mend Bolt is provided by a third-party and is governed by separate terms of service,privacy policy, and support contact.