TLDRocket
Sign in

Cybersecurity

40 summarised stories about Cybersecurity, each linking back to the original source. Browse all topics →

Monday, 6 July 2026

Deptrust: Package Vulnerability Checker

The Neuron 1 week ago

Deptrust is a CLI tool that checks package versions across 13 major package ecosystems (npm, PyPI, Cargo, Go modules, RubyGems, NuGet, Maven, Packagist, pub.dev, CocoaPods, Hex.pm, Hackage, and GitHub Actions) for known vulnerabilities by querying public registries and OSV APIs directly. The tool queries multiple vulnerability providers in parallel, including OSV and GitHub Advisory Database, and returns a recommendation ranging from "block" for critical vulnerabilities to "allow" when no known issues are found. Deptrust integrates with AI agents like Codex and Claude Code via MCP servers or CLI skills to automatically prevent agents from installing vulnerable package versions before they execute install or update commands.