Projects
Persistent dependency tracking with automated scanning
Creating Projects
Organize dependencies by project or team for easy management.
What Are Projects?
Projects are named collections of dependencies that you want to track. Each project represents an application, microservice, or logical grouping of packages.
Creating a Project
Navigate to Dashboard → Create Project
Provide a unique name (e.g., "Frontend App", "Payment Service", "Infrastructure")
Optionally add a description for team context
Click Create to initialize your project
Plan Limits
Free tier: 5 projects, 200 packages total
Pro tier: Unlimited projects, Unlimited packages
Adding Dependencies
Bulk import via manifest files or GitHub repositories.
Method 1: Paste Manifest
• Click "Add Packages" on any project
• Paste the contents of your dependency file
• GeekWala auto-detects the file type
• Duplicate entries are removed automatically
Method 2: Upload File
• Click "Add Packages" → Upload tab
• Drag and drop your manifest file
• Supports all 8 ecosystems
• File is parsed server-side
Method 3: GitHub Integration
• Navigate to Integrations → Connect GitHub
• Authorize GeekWala with read access
• Select a repository from the list
• GeekWala detects manifest files automatically
Method 4: Manual Entry
• Click "Add Packages" → Manual tab
• Enter package name, ecosystem, version
• Useful for ad-hoc monitoring
• Great for third-party dependencies
GitHub Integration Notes
• Root-level manifest detection plus optional deep search (max depth 5, skips vendor/build dirs)
• Plan limits: Free = 1 repo, Pro/Trial = Unlimited repository imports
• Re-import after dependency changes to refresh manifests
Scheduled Scans (Pro)
Automate vulnerability monitoring with daily, weekly, or monthly scans.
Frequency Options
• Manual: On-demand scans only (Free tier default)
• Daily: Runs every day at specified time
• Weekly: Specific day (Mon–Sun)
• Monthly: Specific day (1st–28th)
Timezone Support
• Configure your preferred timezone (e.g., America/New_York, Europe/London)
• All scheduled scans respect your timezone settings
• Next scheduled run displayed in your local time
Notification Settings
• Email: Alerts when scans complete or new CVEs detected
• In-app: View results in your dashboard
• Toggle notifications per project
How It Works
Configure schedule on the project settings page
GeekWala automatically triggers scans at the specified time
If new vulnerabilities are detected, you receive an alert (if enabled)
View scan history to track changes over time
Scan Comparison
Each scheduled scan is compared to the previous scan to identify:
• New vulnerabilities from dependency updates or newly disclosed CVEs
• Resolved vulnerabilities from package updates or removals
• Persistent vulnerabilities requiring attention
What Happens If You Downgrade to Free?
• Scheduled scans pause immediately when you downgrade from Pro to Free
• Scan history remains accessible for 30 days
• Grace period: If your subscription enters past_due status (failed payment), you have 7 days before scheduled scans pause
• Upgrade anytime to resume scheduled monitoring exactly where you left off
Scan History & Export
Track security posture over time and export results.
Viewing Scan History
• Free Users: 30 days scan history
• Pro Users: 1 year scan history
Each scan displays: timestamp, trigger type (manual/scheduled/API), status, and summary stats.
Comparing Scans
Click any scan to view:
• Full vulnerability report with severity breakdown
• Changes since previous scan (new, resolved, persistent)
• Metadata: scan ID, execution time, packages analyzed
Exporting Results (Pro Only)
CSV Export
Comma-separated values for spreadsheet analysis.
Columns: package name, ecosystem, version, affected status, vulnerability count, severity, CVE IDs
Ideal for reporting to stakeholders.
JSON Export
Structured JSON for programmatic processing.
Full vulnerability details, references, and metadata
Perfect for CI/CD integration.
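
The new/resolved/persistent comparison described under Scan Comparison, reproduced offline over two CSV exports as an added example (not GeekWala's own code). The exact header spellings, the ";" separator inside the CVE IDs cell, and the sample rows are assumptions; findings are keyed on ecosystem, package and CVE ID so a version bump alone does not make a finding look new.

```python
import csv
import io

# Column names and the ";" separator inside "CVE IDs" are assumptions;
# adjust them to match the header row of your actual export.
COL_PKG, COL_ECO, COL_CVES = "package name", "ecosystem", "CVE IDs"


def load_findings(csv_text):
    """Return a set of (ecosystem, package, CVE) tuples from one CSV export."""
    findings = set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        for cve in row[COL_CVES].split(";"):
            cve = cve.strip().upper()
            if cve:  # packages with no CVEs contribute nothing
                findings.add((row[COL_ECO].strip().lower(), row[COL_PKG].strip(), cve))
    return findings


def compare_scans(previous_csv, current_csv):
    """Bucket findings into the new/resolved/persistent categories."""
    prev, curr = load_findings(previous_csv), load_findings(current_csv)
    return {
        "new": sorted(curr - prev),
        "resolved": sorted(prev - curr),
        "persistent": sorted(curr & prev),
    }


# Constructed sample exports (placeholder CVE IDs, not real advisories).
HEADER = "package name,ecosystem,version,affected status,vulnerability count,severity,CVE IDs\n"
PREVIOUS = HEADER + (
    "libalpha,npm,1.0.0,affected,2,high,CVE-0000-0001;CVE-0000-0002\n"
    "libbeta,pypi,2.3.1,affected,1,medium,CVE-0000-0003\n"
    "libgamma,npm,4.0.0,not affected,0,,\n"
)
CURRENT = HEADER + (
    "libalpha,npm,1.0.1,affected,1,high,CVE-0000-0002\n"
    "libgamma,npm,4.0.0,affected,1,critical,CVE-0000-0004\n"
)

if __name__ == "__main__":
    diff = compare_scans(PREVIOUS, CURRENT)
    for bucket, items in diff.items():
        print(f"{bucket}: {items}")
    # Non-zero exit lets a CI job fail when the latest scan adds findings.
    raise SystemExit(1 if diff["new"] else 0)
```

In the sample, libbeta disappears from the second export, so its finding lands in "resolved" through package removal rather than an upgrade.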