Supported tools
OSV-Scanner
Guide to using the OSV-Scanner tool with CodeRabbit’s AI code reviews.
OSV-Scanner is Google’s vulnerability scanner that identifies vulnerabilities in your project’s dependencies using the OSV.dev database.
Configuration
OSV-Scanner requires anosv-scanner.toml configuration file to run.
CodeRabbit will only run OSV-Scanner if your repository contains an
osv-scanner.toml configuration file.