Already have an account? LoginDo not have an account? Sign up
I confirm that I will use Meterian Services for my trade, business, craft or
professional purposes only and understand that my personal data will be handled
subject to the Meterian Terms and Conditions and
You are on our Free Plan. Your benefits allow you to:
Analyse an unlimited number of opensource projects.
Analyse one closed source project.
We have Github badges available for Java and NodeJS languages.
Integrating these projects to show badges on your Github page is easy. Just select the Badges tab and paste your
You will be able to generate the Github badges and get started in minutes. Just copy the
generated markdown content in your readme.md file on GitHub.
Using a CI?
If you are integrating Meterian in your build system, the Tokens tab allows you
to create the client
tokens you need in your Meterian installation. See the Client tab to learn how to
integrate our client
in your CI/CD pipeline, and find your report in the Projects tab.
Manage license risks.
Define your own rules using the Policies tab in order to define which
licenses are allowed (or forbidden)
by your organization's software development policy. Protect yourself from the risk
of using components with
Take control of your account.
You can manage your account details using the Details tab, manage your team
members' in the
Using the CLI?
If you are using Meterian from the command line please check the Client tab to
discover how to download
and use the Meterian Client. It's very simple and you won't need any setup!
If you need more advanced features try one of our paid
On a paid plan you will be able to:
have full API access
manage multiple projects
generate a bill of materials
manage licenses risks
Get in touch if you’d like to ask for a trial or an upgrade.
If you have a GitHub project you can easily generate badges for your opensource project.
Just enter your project
GitHub URL and click the Generate button: the code snippets of the badges will be
Your badges will also contain a live link to the official report from Meterian, that
will be updated at least daily.
Enter your project public Github URL to generate the badges:
Select your private, public-marked, project to generate the badges:
Select your private project to generate the badges:
(This badge will be usable only on github.com)
For the security badge, please add this snippet to your README file:
You will need the Meterian Client application if you are integrating meterian in your
CI/CD pipeline or you want to analyze
closed source project, badges only work on public repositories on github.com.
During any of the CI/CD stages you can use the client to quickly assess the status of
your project and block the progress if
the results are not good enough. This will give you confidence you will not deliver a
project containing known vulnerabilities
or not up to date libraries, to the level you consider acceptable.
The client is a Java native application written in Java8, so you will need to
have a suitable JRE to run it.
It will run on any platform where such runtime is accessible.
To run the analysis locally the client will need to have access to your local
Depending on your tooling you may also need some environment variables set up,
like JAVA_HOME for Gradle,
but this is exactly the same setup you woould use in you normal build
As the analysis is performed remotely, the client will need to have access to a
working internet connection
that can reach the domain *.meterian.com using https.
These tokens are used to authenticate any Meterian application, like the Client
Application, to act on behalf
of your account. Once you generate a token you will have to specify a name for it. Then
you will be able to download
the token just by clicking on it. In order to use it, see the documentation for the
Existing authentication tokens
No tokens so far.
Account average scores:
If you already have projects please scan them again.
No dependencies found for this selection.
Your account members
This panel will allow you to link existing or new collaborators to your account to
represent your current team.
Based on their role they will be provided with a certain range of permissions as
Adminstrator - can do anything on your account, including disabling it
Collaborator - can run analysis, apply ignore rules and view reports
Viewer - can view online reports only
Daily analysis usage
Add a new member:
Add a new team:
You have reached the maximum limit of teams for your account.
Think you might need more teams?
You can always update your subscription.
Contact us for more information.
No team is currently selected.
Select a team from the menu.
This team has no members.
Add a new member
This team contains all the members of this account.
Only administrators can access this list.
Add a new member:
Your license policies
This panel will allow you to manage your licence policies.
You will be able to define which licenses you accept and which one you deny
in the libraries used by your project.
No policies so far.
Your account allows you to link all projects and members together. Your account is linked
plan with specific benefits.
The name of your account
This is the name assigned to your account. It can be really anything it makes sense to
you and, of course,
it can be changed at any time.
The contact email of your account
This is the main contact email of your account, where you receive notification about
people joining or leaving your account,
changes made to your plan, and any other account-wide relevant information. You can
change this email but you will need
to follow a validation process: unless this is successful, the change will not be
Please contact our support email if you need
Your account Github organization
By selecting an organization from this list, all the members of the specific Github organization
will be automatically added to this Meterian account once they have performed their first login with Github.
You have to be an admin of both Github organization and Meterian account.
Support login token
This token can be used to allow a member of the Meterian support team to login in your behalf
in the case you are experiencing issues within your account.
Simple generate or refresh the token and communicate it to a member of the Meterian support team. The token automatically expires after 8 hours after its issue.
Fancy trying all the features Meterian has to offer? Some of the functionalities are still in develompent or in testing,
but you can try them out by turning on the Experimental Mode.
In Experimental Mode is not guaranteed full stability as these features are still being worked on by developers.
Why not give it a try? You can disable the Experimental Mode any time you want.
Get notified if a project in your account becomes vulnerable. Activate the Meterian notification service here
The plan associated to your account
This is the plan associated to your account, and can be changed at any time but at the
moment only by contacting
our support email.
Disable your account
This will allow you to disable your account. Nothing will be lost, but
need to contact our support email if you need
o completely delete your account.
This is required in case you need to join, as a member, another account, as at this
does not support multiple accounts for the same user.
Customize your account configuration to get the best out of Meterian.
Security Score Calculation
Calculation by CVSS The score starts at 100. For each vulnerability, points are deducted based on its CVSS score. The amount of points deducted is between 0 and 50: it's proportionate to the score of the vulnerability, that goes from 0 to 10. For example, a score of 9 will deduct 45 points, while a 1 will deduct 5 points. A suggestion will always deduct 0.25.
Calculation by Severity
The score starts at 100, then:
each SUGGESTION deducts 0.25
each LOW deducts 5
each MEDIUM deducts 10
each HIGH deducts 20
each CRITICAL deducts 25
The minimum score is 0
Security analysis scope
Stability analysis scope
Licensing analysis scope
Default projects time filter
Notifications minimum threshold
Unmaintained libraries notifications
Severity level when no CVE is present
Severity level for unmaintained libraries
Ignore unstable versions
Enter one or more regular expressions to identify .NET projects to be classified in test scope:
Enter one or more regular expressions to identify components to exclude from license analysis:
This panel will allow you to create and manage your tags.
A tag can be used to configure the score threshold used by the client and the policies to apply to a project's licensing analysis.