×
×


You are on our Free Plan. Your benefits allow you to:
  • Analyse an unlimited number of opensource projects.
  • Analyse one closed source project.
Using Github?
We have Github badges available for Java and NodeJS languages.
Integrating these projects to show badges on your Github page is easy. Just select the Badges tab and paste your project URL.
You will be able to generate the Github badges and get started in minutes. Just copy the generated markdown content in your readme.md file on GitHub.
Using a CI?
If you are integrating Meterian in your build system, the Tokens tab allows you to create the client tokens you need in your Meterian installation. See the Client tab to learn how to integrate our client in your CI/CD pipeline, and find your report in the Projects tab.
Manage license risks.
Define your own rules using the Policies tab in order to define which licenses are allowed (or forbidden) by your organization's software development policy. Protect yourself from the risk of using components with copyleft licenses.
Take control of your account.
You can manage your account details using the Details tab, manage your team members' in the MembersTeams tab.
Using the CLI?
If you are using Meterian from the command line please check the Client tab to discover how to download and use the Meterian Client. It's very simple and you won't need any setup!
Something missing?
If you need more advanced features try one of our paid plans. On a paid plan you will be able to:
  • have full API access
  • manage multiple projects
  • generate a bill of materials
  • manage licenses risks

Get in touch if you’d like to ask for a trial or an upgrade.

Got questions?
Please see if our frequently asked questions, documentation for supported languages and CI platform integrations answer your questions. If not, please contact our support email.
Badges
If you have a GitHub project you can easily generate badges for your opensource project. Just enter your project GitHub URL and click the Generate button: the code snippets of the badges will be generated automatically. Your badges will also contain a live link to the official report from Meterian, that will be updated at least daily.
Enter public Github URL :

Select your private, public-marked, project to generate the badges:

Select your private project to generate the badges:

(This badge will be usable only on github.com)


 
For the security badge, please add this snippet to your README file:
[![security status]($baseurl/badge/gh/spring-projects/spring-boot/security)]($baseurl/report/gh/spring-projects/spring-boot)
                                        
                                    
For the stability badge, please add this snippet to your README file:
[![stability status]($baseurl/badge/gh/spring-projects/spring-boot/stability)]($baseurl/report/gh/spring-projects/spring-boot)
                                        
                                    
For the licensing badge, please add this snippet to your README file:
[![licensing status]($baseurl/badge/gh/spring-projects/spring-boot/licensing)]($baseurl/report/gh/spring-projects/spring-boot)
                                            
                                        
The client application
You will need the Meterian Client application if you are integrating meterian in your CI/CD pipeline or you want to analyze closed source project, badges only work on public repositories on github.com. During any of the CI/CD stages you can use the client to quickly assess the status of your project and block the progress if the results are not good enough. This will give you confidence you will not deliver a project containing known vulnerabilities or not up to date libraries, to the level you consider acceptable.
System requirements
  • The client is a Java native application written in Java8, so you will need to have a suitable JRE to run it. It will run on any platform where such runtime is accessible.
  • To run the analysis locally the client will need to have access to your local Maven/Gradle/NPM installation. Depending on your tooling you may also need some environment variables set up, like JAVA_HOME for Gradle, but this is exactly the same setup you woould use in you normal build environment.
  • As the analysis is performed remotely, the client will need to have access to a working internet connection that can reach the domain *.meterian.com using https.
Documentation and download

For any question, please contact our support email.
The application tokens
These tokens are used to authenticate any Meterian application, like the Client Application, to act on behalf of your account. Once you generate a token you will have to specify a name for it. Then you will be able to download the token just by clicking on it. In order to use it, see the documentation for the specific application.


Existing authentication tokens
TokenNameTeam Actions
No tokens so far.

Name Branch
No projects found for this selection.
No projects so far, please use the client:
Your projects dependencies
A view of all the vulnerable dependencies found among all the projects with useful insights.
No dependencies so far, please use the client: If you already have projects please scan them again.
Dependency High Medium Low
No dependencies found for this selection.
Your account members
This panel will allow you to link existing or new collaborators to your account to represent your current team. Based on their role they will be provided with a certain range of permissions as follows:
  • Adminstrator - can do anything on your account, including disabling it
  • Collaborator - can run analysis, apply ignore rules and view reports
  • Viewer - can view online reports only
Account members
Daily analysis usage
Add a new member:

Teams

Add a new team:

You have reached the maximum limit of teams for your account.

Think you might need more teams?
You can always update your subscription.
Contact us for more information.

No team is currently selected.

Select a team from the menu.

This team has no members.

Add a new member

This team contains all the members of this account.

Only administrators can access this list.

Add a new member:

Your license policies
This panel will allow you to manage your licence policies. You will be able to define which licenses you accept and which one you deny in the libraries used by your project.
Account policies
No policies so far.

Your account
Your account allows you to link all projects and members together. Your account is linked to a plan with specific benefits.
The name of your account
This is the name assigned to your account. It can be really anything it makes sense to you and, of course, it can be changed at any time.
The contact email of your account
This is the main contact email of your account, where you receive notification about people joining or leaving your account, changes made to your plan, and any other account-wide relevant information. You can change this email but you will need to follow a validation process: unless this is successful, the change will not be executed. Please contact our support email if you need any assistance.
Your account Github organization
By selecting an organization from this list, all the members of the specific Github organization will be automatically added to this Meterian account once they have performed their first login with Github.
You have to be an admin of both Github organization and Meterian account.
Support login token
This token can be used to allow a member of the Meterian support team to login in your behalf in the case you are experiencing issues within your account.
Simple generate or refresh the token and communicate it to a member of the Meterian support team.
The token automatically expires after 8 hours after its issue.

Experimental Mode
Fancy trying all the features Meterian has to offer? Some of the functionalities are still in develompent or in testing, but you can try them out by turning on the Experimental Mode.
In Experimental Mode is not guaranteed full stability as these features are still being worked on by developers.
Why not give it a try? You can disable the Experimental Mode any time you want.

Notifications
Get notified if a project in your account becomes vulnerable. Activate the Meterian notification service here

The plan associated to your account
This is the plan associated to your account, and can be changed at any time but at the moment only by contacting our support email.
Disable your account
This will allow you to disable your account. Nothing will be lost, but you will need to contact our support email if you need to restore o completely delete your account. This is required in case you need to join, as a member, another account, as at this stage Meterian` does not support multiple accounts for the same user.

Configuration
Customize your account configuration to get the best out of Meterian.

Security Score Calculation
Calculation by CVSS The score starts at 100. For each vulnerability, points are deducted based on its CVSS score. The amount of points deducted is between 0 and 50: it's proportionate to the score of the vulnerability, that goes from 0 to 10. For example, a score of 9 will deduct 45 points, while a 1 will deduct 5 points. A suggestion will always deduct 0.25.
Calculation by Severity The score starts at 100, then:
  • each SUGGESTION deducts 0.25
  • each LOW deducts 5
  • each MEDIUM deducts 10
  • each HIGH deducts 20
The minimum score is 0

Minimum scores
Security
Stability
Licensing
Analysis scope for Security
Analysis scope for Stability
Analysis scope for Licensing
Default date filter for projects view
Severity level when no CVE is present


Enter one or more regular expressions to identify components that will be excluded from license analysis:


Enter one or more regular expressions to identify .NET projects to be classified in test scope:



Your tags
This panel will allow you to create and manage your tags.
A tag can be used to configure the score threshold used by the client and the policies to apply to a project's licensing analysis.



There are currently no tags.



Name Description

Create new tag