2.6B weekly downloads affected in the Chalk / Debug compromise. 500+ packages infected by the Shai-Hulud npm worm. 23K repositories impacted in the tj-actions supply chain incident.
Get visibility into dependency behavior in your CI pipeline. Every package change gets a risk score and behavioral report — flag suspicious packages for review, auto-approve the rest. Configurable thresholds, allowlists, and a full audit trail for compliance.
actually does before it ships
Detection accuracy validated against 11,000+ real packages (99.95% precision, 99.7% F1).
Every scan logged with verdicts, risk scores, and findings. Built for teams that need to prove what was reviewed.
One YAML file or npm i -g @westbayberry/dg. Works with GitHub Actions, GitLab CI, Jenkins, and more.
Every lockfile change gets a verdict posted as a PR comment. Review flagged packages before they merge.