https://www.bleepingcomputer.com/news/security/google-releases-dev-tool-to-list-vulnerabilities-in-project-dependencies/

Google has launched OSV Scanner, a new tool that allows developers to scan for vulnerabilities in open-source software dependencies used in their project.

The scanner draws data from OSV.dev, the distributed vulnerability database for open source code that Google released in February 2021, to offer relevant information about known security issues affecting open-source code.