Linux command

depsguard command

After copying, replace file names, directories, or parameters as needed.

Common examples

Launch interactive mode

depsguard

Scan only

depsguard scan

Skip recursive file discovery

depsguard --no-search

Restore

depsguard restore

Display help

depsguard --help

Description

depsguard is a Rust CLI that audits JavaScript and Python package manager configuration files for supply-chain hardening settings and applies missing protections after explicit user approval. It inspects user-level files such as `~/.npmrc`, `~/.yarnrc.yml`, `~/.bunfig.toml` and `uv.toml`, and repository-level files including `package.json`, lockfiles, Renovate config and Dependabot config. It checks for settings like minimum release age (delaying installation of newly published versions), blocking install scripts, restricting exotic transitive dependencies, trust policies, and strict build requirements. In its default interactive mode depsguard presents detected issues in a TUI, lets the user select which fixes to apply, and writes timestamped backups under `~/.depsguard/backups/` before modifying any file. The `restore` subcommand replays a chosen backup. The tool itself never installs packages and ships with zero third-party crate dependencies.
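
The audit, back up, fix and restore cycle described above, sketched for a single setting as an added example (not depsguard's own code or backup format). It assumes npm's `ignore-scripts` key as the install-script check; the function names and backup file name are hypothetical, and the sample `.npmrc` content is constructed.

```shell
#!/bin/sh
# Added illustration only; not depsguard's code or its backup format.
# Assumption: npm's `ignore-scripts` key stands in for "blocking install scripts".

# Print the effective (last) value of KEY in an INI-style npmrc; empty if unset.
npmrc_value() {
    [ -f "$1" ] || return 0
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }                      # comment lines never count
        { pos = index($0, "="); if (pos == 0) next
          k = substr($0, 1, pos - 1); v = substr($0, pos + 1)
          gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t\r]+$/, "", v)
          if (k == key) val = v }
        END { print val }' "$1"
}

# Read-only check: exit status 0 only when install scripts are blocked.
audit_npmrc() { [ "$(npmrc_value "$1" ignore-scripts)" = "true" ]; }

# Back up FILE into DIR with a timestamp, then fix it; prints the backup path.
harden_npmrc() {
    audit_npmrc "$1" && return 0                    # already hardened: no write
    mkdir -p "$2" || return 1
    backup="$2/npmrc.$(date -u +%Y%m%dT%H%M%SZ).bak"
    if [ -f "$1" ]; then cp -p "$1" "$backup"; else : > "$backup"; fi || return 1
    # Drop active ignore-scripts lines (keeps comments), then append the fix.
    { [ -f "$1" ] && awk '{ l = $0; sub(/^[ \t]+/, "", l)
          if (l !~ /^ignore-scripts[ \t]*=/) print }' "$1"
      echo "ignore-scripts=true"; } > "$1.new" && mv "$1.new" "$1" || return 1
    printf '%s\n' "$backup"
}

# Put a chosen backup back in place.
restore_npmrc() { cp -p "$2" "$1"; }

# Constructed sample: a commented-out fix and an explicit unsafe value.
write_sample() {
    printf '%s\n' '# ignore-scripts=true' 'registry=https://registry.npmjs.org/' \
        'ignore-scripts = false' > "$1"
}
```

`audit_npmrc` reads the effective value, so a commented-out `# ignore-scripts=true` line does not count as hardened.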

Parameters

scan
Read-only report. Does not modify any files.
restore
Recover configuration from a timestamped backup.
--no-search
Check only local config files in the current directory. Skip recursive discovery.
--help
Show CLI documentation.

FAQ

How do I run a basic depsguard example?

Run `depsguard` in a terminal to start the default interactive mode, or `depsguard scan` for a read-only report.

What does scan do in depsguard?

Read-only report. Does not modify any files.