Performing security tests inside your CI
Updated May 15, 2024 - Go
The goal of this project is to provide additional features on top of the existing npm audit options
☔️ A curated list of tools, articles & resources to help take your frontend security to the next level. Feel free to contribute!
Claude Code skill for running structured security audits with actionable remediation plans
Frontend to display data from huskyCI analyses
A handy tool to export npm audit results to a fully offline HTML page for a better view of your project's vulnerabilities.
Helps you understand and work through npm audit results
🛡️ AI-powered vulnerability scanner that automatically detects, analyzes, and fixes security issues in npm packages with intelligent code transformations. Supports GitHub Actions, CLI, Docker, and VS Code integration with Microsoft Teams notifications.
🔍 ShenCha - AI Code Audit Agent | Security Scanner, Vulnerability Detection, Performance Analysis, Test Coverage | npm audit, pip-audit | VS Code Extension | Claude AI | Code Audit, Vulnerability Scanning, Security Detection
A beautiful, zero-config visual CVE dashboard for npm & Python. One command: npx osv-ui. 100% Local & Secure.
A fast, zero-config CLI tool that scans your project dependencies and Dockerfiles for known security vulnerabilities — across 8 ecosystems, powered by free public vulnerability databases, with AI-powered analysis and scheduled scanning.
Trace vulnerable JS dependencies. See the full chain. Know what to update. Built in Rust.
🛡️ Advanced NPM supply chain attack detection tool - Specialized in detecting Shai-Hulud compromise indicators with beautiful CLI interface and automated security reporting
I built this end-to-end DevSecOps pipeline to demonstrate how I’d run secure, observable, and automated software delivery in a real engineering organization — from commit to cloud, with zero secrets in version control and full compliance guardrails.
Supply-chain security scanner for npm packages. Detect malicious code, typosquatting, and compromised dependencies before you install them.
Behavioral supply chain scanner for npm. Detects risky dependencies by signals, not signatures.
Filter and retry yarn/npm audit command with Jest.
Run npm audit in your browser
Simple CLI that loads local project dependencies and outputs an NPM audit in TeamCity service message format.