This part of the pipeline scans your code for known security vulnerabilities in dependencies of your software. An example would be if you rely on third-party libraries that have known security issues. This will be explained in detail in the next chapter.

When this scan is complete, you will know whether the dependencies you use in your code are safe or not. It is also useful to know which licenses are used by dependencies because this can have a lot of consequences. We will explain this in the next section.