Comments

Hacker News

If this was a claude plugin with a hook on my dep files, I'd be in.

by scottcodie

I've added a hook that can be installed for Claude and Codex.

by modelorona

From what I see Aikido safe chain wraps the actual executable for npm, pnpm, pip etc with a proxy server that intercepts the requests to it and checks them.

deptrust does not wrap any executable and queries the advisory and package information directly. My goal with it was more focused on using it in Claude Code/Codex.

by modelorona

Join the discussion

Write your take first — we'll ask for email only when you're ready to publish.

  • Hacker News
  • If this was a claude plugin with a hook on my dep files, I'd be in.
    by scottcodie
  • I've added a hook that can be installed for Claude and Codex.
    by modelorona
  • Codacy has done this for a while https://www.npmjs.com/package/codacy-cli

    And this tool makes it Claude Code native https://www.npmjs.com/package/@codacy/verity-cli

    by ARayOutOfBounds
  • I use Aikido safe chain, how does this compare? https://www.npmjs.com/package/@aikidosec/safe-chain
    by brianjking
  • From what I see Aikido safe chain wraps the actual executable for npm, pnpm, pip etc with a proxy server that intercepts the requests to it and checks them.

    deptrust does not wrap any executable and queries the advisory and package information directly. My goal with it was more focused on using it in Claude Code/Codex.

    by modelorona

Related stories