Skip to content
| Marketplace
Sign in
Visual Studio>Tools>Package Security Alerts
Package Security Alerts

Package Security Alerts

Mads Kristensen

|
95,769 installs
| (1) | Free
Identifies npm and Bower packages that contains known security vulnerabilities to ensure your project is always using the most secure package versions.
Download

Makes sure the npm and Bower packages used doesn't contain any known security vulnerabilities.

See the change log for changes and road map.

Features

  • Shows warnings for packages known to have security issues
  • Works with both Bower and npm
  • Integrates with JSON editor
  • Based on retire.js

Security risk levels

There are 3 types of security risk levels:

  1. Low
  2. Medium
  3. High

When you open package.json or bower.json, icons representing the security risk are shown next to the packages.

Adornments

Hovering the mouse over the warning icons gives more details about the security risk.

Adornments Hover

Clicking the icons will open the browser to a page containing more details about the specific risk and show information about how to mitigate it. Usually the mitigation is to update the package to the latest version.

Contribute

Check out the contribution guidelines if you want to contribute to this project.

For cloning and building this project yourself, make sure to install the Extensibility Tools 2015 extension for Visual Studio which enables some features used by this project.

License

Apache 2.0

  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2025 Microsoft