Sandworm Audit

Beautiful Security & License Compliance Reports For Your App's Dependencies 🪱

NextGetting Started

Last updated 1 year ago

Was this helpful?

Sandworm Audit

Beautiful Security & License Compliance Reports For Your App's Dependencies 🪱

Summary

Free & open source command-line tool
Works with any modern JavaScript package manager
Scans your project & dependencies for vulnerabilities, license, and misc issues
Supports workspaces
Supports
Supports
for CI / GIT hook workflows
Can connect to
Outputs:
- JSON issue & license usage reports
- Easy to grok SVG dependency tree & treemap visualizations
  - Powered by D3
  - Overlays security vulnerabilities
  - Overlays package license info
- csv of all dependencies & license info

Generate a report

Navigate charts

csv output

JSON output

report.json

{
  "createdAt": "...",
  "packageManager": "...",
  "name": "...",
  "version": "...",
  "rootVulnerabilities": [...],
  "dependencyVulnerabilities": [...],
  "licenseUsage": {...},
  "licenseIssues": [...],
  "metaIssues": [...],
  "errors": [...],
}

Marking issues as resolved

Get involved

Beta: visualizations on sandworm.dev

NextGetting Started

Last updated 1 year ago

Was this helpful?