CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
Updated Dec 8, 2025 - Go
Pin your 3rd-party GitHub Actions and Docker image dependencies.
🛡️ AI-powered vulnerability scanner that automatically detects, analyzes, and fixes security issues in npm packages with intelligent code transformations. Supports GitHub Actions, CLI, Docker, and VS Code integration with Microsoft Teams notifications.
Sentinel Package Manager blocks compromised packages BEFORE installation, preventing malicious code execution. Features: Pre-install blocking, command interception (npm/yarn/pnpm/bun), 795+ blacklist (Shai-Hulud), real-time checks (OSV/GitHub/Snyk), zero dependencies, auto-updates. Counters supply chain attacks.
Security wrapper for package managers using a local MITM proxy and the OSSF malicious-packages DB to block malware before install.
Repogate.io VS Code Extension
Spotlight risky dependencies in Python and JavaScript projects with live registry intelligence and clear security signals.