Comment on page
npm package search
Quickly evaluate the behavior and health of any open source package.
Verdict pages allow you to assess the security posture of an open source npm package and its past versions. This allows you to pick the best packages for your project before using them.
For any npm package, you will get insights such as:
- Maintainer information
- Linked repositories (GitHub, npm)
- License information
- Dependency information:
- Number of direct and transitive dependencies
- List of versions
View the guide below to see the detailed workflow.
- 1.
- 2.Search a npm package
Type a package name in the search bar, and pick the one you want to investigate.
- 3.View package information
- 4.View Verdicts
Verdicts provide insights on how packages behave at installation-time. They contain context on execution traces, criticality, and source & sink information.
Verdicts can be filtered by toggling the categories which include:
- processes spawned
- network connections
- filesystem accesses
By integrating your project with listen.dev through the GitHub action, you can continuously monitor dependency changes and get insights directly within your workflows. See how it works.
Last modified 7mo ago