Security Monitoring

Monitor npm Dependencies for Security Vulnerabilities

Upload your package.json and get instant alerts when new CVEs are discovered in your dependencies — with automated fix suggestions.

  • GitHub Advisory DB: Powered by the most comprehensive CVE database
  • Email Alerts: Instant notifications when new vulnerabilities drop
  • Fix Suggestions: Automated upgrade paths to safe versions

Pro Plan: $13 per month
  • Unlimited package.json uploads
  • Continuous CVE monitoring
  • Email alerts for new vulnerabilities
  • Automated fix suggestions
  • GitHub Advisory Database integration
  • Priority support

Frequently Asked Questions

How does the monitoring work?
You upload your package.json and we continuously check every dependency against the GitHub Advisory Database. When a new CVE is published for any of your packages, you receive an email alert immediately.

What fix suggestions do you provide?
For each vulnerability we identify the minimum safe version and provide the exact npm command to upgrade, so you can patch your project in seconds.

Can I monitor multiple projects?
Yes. Your Pro plan supports unlimited package.json uploads, so you can monitor all your projects under one subscription.