Install dpndncY on Linux.
dpndncY ships as one self-contained image — console, every scan engine, the Python SAST analyzers, and the JDK + Maven used for dependency resolution are all inside it. There is nothing else to install or wire up.
One-line install
On a fresh Debian/Ubuntu or RHEL/Rocky host:
curl -fsSL https://get.dpndncy.com | bashThe installer is idempotent. It will:
- install Docker Engine + the compose plugin if they are missing;
- pull the all-in-one image (
ghcr.io/dpndncy/server); - generate
APP_SECRET, a signing key, and a first admin account; - start the console on
:8080with a persistent data volume and a restart policy.
The generated admin credentials are printed once and saved to /var/lib/dpndncy/dpndncy.env. Change the password after first login.
Production (PostgreSQL + TLS)
For a production on-prem install with PostgreSQL and Caddy-managed TLS on your own domains:
curl -fsSL https://get.dpndncy.com | bash -s -- --onpremThis uses the deploy/docker-compose.onprem.yml overlay. Set CONSOLE_DOMAIN, API_DOMAIN, POSTGRES_PASSWORD, APP_SECRET, and the SUPERADMIN_* values in .env first.
Why not a .deb / .rpm?
dpndncY runs three runtimes side by side — Node (API + console), Python (the SAST taint analyzers), and a JVM toolchain (Maven, for transitive resolution). Packaging and version-pinning all of that across distro families is fragile and offers nothing the image does not already give you. The container is the package: one artifact, reproducible, the same on every host.
Updating
docker pull ghcr.io/dpndncy/server:latest
docker rm -f dpndncy
curl -fsSL https://get.dpndncy.com | bash # re-runs with the existing env + volume