Socket CLI
Secure your software supply chain from the command line
Socket CLI transparently protects developers from malware, typosquats and supply chain attacks.
socketreport
Get a security report of an NPM package
Safe NPM: Secure the command your team uses every day
Socket's "safe npm" CLI tool transparently wraps the npm command and protects developers from malware, typosquats, install scripts, protestware, telemetry, and more.
Try Safe NPM
Congrats to Feross Aboukhadijeh and the Socket team on the progress and capital raise to accelerate growth. Defending open source from supply chain attacks is key for the future of enterprise software and technological innovation!
Frederic Kerrest
Founder and COO, Okta
Why use Socket CLI
Complete security of your projects in the command line
Create project health reports
Socket creates a project health report for your project. Uploads your package.json or package-lock.json.
Secure your PR workflow
Run Socket on your CI/CD pipeline to create branches and deploy requests. Socket will create a report for you to review.
Lookup package risks
Socket allows you look up supply chain risks for given version of a package in the ecosystem registry.
We help security teams work more efficiently
Cut through the noise and focus on real threats.
Get actionable alerts for the supply chain risks that matter. Socket highlights risky dependencies directly within the developer workflow.