Analyze npm dependencies for bundle size, security vulnerabilities, and smarter alternatives — all inside VS Code.
Overview
BundleGuard is a Visual Studio Code extension that helps developers make better dependency decisions. It scans your project's package.json and delivers actionable insights about every dependency — right in your editor.
Features
📦 Bundle Size Analysis — See the gzipped size of every dependency via Bundlephobia
🔴 Vulnerability Scanning — Detect known CVEs using the OSV security database
🔄 Outdated Detection — Know which packages have newer versions available
💡 Alternative Suggestions — Get recommendations for lighter, better-maintained replacements
📊 Dashboard — A rich webview with charts summarizing your dependency health
🌳 Sidebar Tree View — At-a-glance summary with color-coded status icons
⚡ Cached & Fast — Results are cached to avoid repeated API calls; batched requests keep scans fast
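The vulnerability scan and batched requests listed above could be implemented as sketched below. This is an added example, not BundleGuard's own code: it reads a package.json, sends pinned versions to OSV's public `/v1/querybatch` endpoint in one request, and reports ranges it cannot check, because a range such as `^4.17.0` does not say which version is installed. The package names, the sample manifest and the function names are constructed for illustration, and `scan` assumes a runtime with a global `fetch` (Node 18+).

```javascript
// Added example; not BundleGuard source. Package names are hypothetical.
const OSV_BATCH_URL = "https://api.osv.dev/v1/querybatch";

// Constructed sample manifest: one pinned version, two ranges, one local path.
const SAMPLE_PACKAGE_JSON = JSON.stringify({
  dependencies: { "example-pinned": "1.3.0", "example-caret": "^4.17.0" },
  devDependencies: { "example-tilde": "~2.0.1", "example-local": "file:../local" },
});

// Return the version only when the spec pins exactly one release.
function exactVersion(spec) {
  const m = /^=?v?(\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?)$/.exec(spec.trim());
  return m ? m[1] : null;
}

// Build one batched OSV request body; collect specs that cannot be queried.
function buildOsvBatch(packageJsonText) {
  const manifest = JSON.parse(packageJsonText);
  const queries = [];
  const skipped = [];
  for (const field of ["dependencies", "devDependencies"]) {
    for (const [name, spec] of Object.entries(manifest[field] || {})) {
      const version = exactVersion(String(spec));
      if (version) queries.push({ package: { name, ecosystem: "npm" }, version });
      else skipped.push({ name, spec }); // resolve these from a lockfile instead
    }
  }
  return { body: { queries }, skipped };
}

// OSV returns one result per query, in the same order as the request.
function mapResults(queries, response) {
  const findings = {};
  (response.results || []).forEach((result, i) => {
    const ids = (result.vulns || []).map((v) => v.id);
    if (ids.length && queries[i]) {
      findings[`${queries[i].package.name}@${queries[i].version}`] = ids;
    }
  });
  return findings;
}

// Network step, not called here: POST the batch and map the response.
async function scan(packageJsonText) {
  const { body, skipped } = buildOsvBatch(packageJsonText);
  const res = await fetch(OSV_BATCH_URL, { method: "POST",
    headers: { "Content-Type": "application/json" }, body: JSON.stringify(body) });
  if (!res.ok) throw new Error(`OSV returned HTTP ${res.status}`);
  return { findings: mapResults(body.queries, await res.json()), skipped };
}
```

A non-empty `skipped` list means the scan covered only part of the dependency set, so a clean result should be read alongside it.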
Installation
From VS Code Marketplace
1. Open the Extensions sidebar (Ctrl+Shift+X)
2. Search for BundleGuard
3. Click Install
From Source
git clone https://github.com/bundleguard/bundleguard.git
cd bundleguard
npm install
npm run compile
Then press F5 in VS Code to launch the Extension Development Host.
Usage
1. Open a project that contains a package.json
2. BundleGuard automatically scans on activation
3. Check the BundleGuard sidebar for results
4. Run commands from the Command Palette (Ctrl+Shift+P)