DepSec
Dependency Security Analyzer
Upload your package.json to analyze vulnerabilities, license risks, and maintainer health, and get a security score from 0 to 100. Include package-lock.json for transitive dependency analysis.
Tip: Upload both files together for full transitive dependency analysis
Vulnerabilities, License Risk, Maintainer Health, Typosquatting, Transitive Deps, CI/CD Mode, SBOM Export, Fix Suggestions, GitHub Action
CLI & CI/CD
# Run in your pipeline
$ npx depsec package.json --fail-under 70
# With lockfile for full analysis
$ npx depsec package.json --lock package-lock.json
# Export SBOM (CycloneDX)
$ npx depsec package.json --sbom
Block builds with vulnerable dependencies. Export SBOMs for compliance. GitHub Action available.