Beautiful security & license compliance reports for your app’s dependencies. Scans your project and dependencies for security vulnerabilities, license & metadata issues - here's the list of issue types.
It’s free and open source, and works with npm, Yarn, pnpm, and Composer. Run
npx @sandworm/audit@latest in the terminal or in your CI / Git Hook workflows.
Outputs JSON issue and license usage reports, direct and transient dependency data as CSV, as well as easy to read dependency tree and treemap visualizations.
Sandworm Cloud monitors your GitHub activity and generates fresh audit reports for every change you make.
View and share reports with collaborators. Get recommendations and resolve issues. Monorepo & workspace support.