Protect your Bun projects from known vulnerabilities using the OSV database. Automatically scan packages during installation and block or warn about security threats before they enter your codebase.
And best of all, NO API KEY REQUIRED.

🔍

Automatically scan packages during Bun installation against the OSV database.

⚡

Built for Bun's speed with minimal overhead during package installation.

🛡️

Configure threat levels and responses based on your organization's security requirements.

FATAL

Malware, backdoors, token stealers, critical vulnerabilities

WARNING

Protestware, adware, deprecated packages

# Install the scanner
bun add -D bun-osv-scanner

# Configure in bunfig.toml
[install.security]
scanner = "bun-osv-scanner"

Protect your Bun projects from known vulnerabilities using the OSV database. Automatically scan packages during installation and block or warn about security threats before they enter your codebase.And best of all, NO API KEY REQUIRED.