Integrate Socket directly into your project flow and detect sensitive changes across your dependency tree as they happen.
Install the Socket GitHub app to receive real-time dependency scanning and reports with every pull request.
Detect potential typosquats
Detect install scripts
Detect telemetry
Detect native code
Detect known malware
Detect troll packages
GitHub Checks support
Project Health Reports for every commit
Detect network access
Detect filesystem access
Detect obfuscated code
Customizable warnings and alert thresholds
Not using GitHub? Generate reports next to your tests with our CLI.