DepsGuard

About

Protect your projects from npm supply chain attacks similar to those targeting GitHub, axios, and @tanstack. With a single command, you can scan and fix configuration files for npm, pnpm, yarn, bun, and uv using established security guidelines. This free, open source tool is built entirely in Rust without any dependencies, and is offered under the MIT license by the application security specialists at Arnica.