Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding - Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
knip
Find and fix unused dependencies, exports and files in your TypeScript and JavaScript projects
Knip finds and fixes unused dependencies, exports and files in your JavaScript and TypeScript projects. Less code and dependencies lead to improved performance, less maintenance and easier refactorings.
- Website: knip.dev
- GitHub repo: webpro-nl/knip
- npm package: knip
- Contributing Guide
- Sponsor Knip!
Contributors
Special thanks to the wonderful people who have contributed to Knip!
Knip
/'knɪp/ means "(to) cut" and is pronounced with a hard "K" 🇳🇱
License
Knip is free and open-source software licensed under the ISC License.
Parts of Knip have been inspired by and/or partially copy code from the following projects:
Other packages similar to knip
depcheck
Depcheck is a tool that helps you find unused dependencies in your project. It analyzes your codebase to identify dependencies that are not being used. Compared to Knip, Depcheck focuses more on dependencies and does not provide functionality for identifying or removing unused files.
unimported
Unimported is a tool that helps you find and remove unused files and dependencies in your project. It provides similar functionality to Knip, including the ability to identify and remove unused files and dependencies. However, Unimported may have different configuration options and performance characteristics.
madge
Madge is a tool for visualizing and analyzing the dependency graph of your project. It can help you identify circular dependencies and unused files. While Madge provides some overlapping functionality with Knip, it is more focused on visualizing dependencies and analyzing the structure of your codebase.
FAQs
Find and fix unused dependencies, exports and files in your TypeScript and JavaScript projects
The npm package knip receives a total of 2,953,637 weekly downloads. As such, knip popularity was classified as popular.
We found that knip demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 11 Dec 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding - Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding - Dec 11, 2025