ghost-dependency

Here are 2 public repositories matching this topic...

heatonb1 / supply-chain-guardrail

Zero-dependency npm supply chain security tool. Catches ghost dependencies, scores install script behavior, and detects attacks before any advisory exists.

cli npm security supply-chain postinstall sarif devsecops software-composition-analysis malware-detection npm-audit guardrails supply-chain-security ghost-dependency

Updated Apr 1, 2026
TypeScript

ukorvl / yarn-plugin-pnp-doctor

Sponsor

Star

A Yarn plugin that diagnoses compatibility issues exposed by PnP and other strict Yarn environments, then explains and optionally remediates them with safe, explicit fixes.

nodejs npm yarn node-js yarn-packages yarn-workspaces yarn-package yarn-berry yarn-plugin yarnberry ghost-dependencies ghost-dependency

Updated May 7, 2026
TypeScript

Improve this page

Add a description, image, and links to the ghost-dependency topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the ghost-dependency topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly