JSPM

  • Downloads 879
  • License Apache-2.0

PMG - Package Manager Guard: protect developers from malicious packages

Package Exports

    This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@safedep/pmg) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

    Readme

    Package Manager Guard (PMG)

    Block malicious npm and pip packages before they install.
    Defense in depth for the package managers you already use.

    Why PMG?

    Developers and AI coding agents install packages every day. Each npm install or pip install executes thousands of lines of code that nobody reviews.

    Recent compromises in popular ecosystems:

    PMG is free, open source (Apache 2.0), and requires no account or API key. It intercepts every package install and checks it against SafeDep's free community API for known malware before code executes. Install it once, and it covers every npm install, pip install, and poetry add after that.

    How PMG Works

    PMG takes a defense-in-depth approach. It needs no configuration and works across Zsh, Bash, and Fish. Each install passes through the enabled protection layers before code runs, and an audit log entry is written afterwards.

    PMG defense in depth: install command intercepted by PMG, passed through Layer 1 Threat Intel, Layer 2 Cooldown, Layer 3 Sandbox, then run with an audit log entry
    Layer details
    • Transparent Interception - PMG wraps npm, pip, and other package managers. Developers and AI agents use the same commands. No workflow changes.
    • Layer 1: Threat Intelligence - PMG checks every package against SafeDep's real-time threat intelligence before install. Known-malicious packages are blocked. No key, no login required.
    • Layer 2: Policy (Dependency Cooldown) - PMG blocks package versions published inside a configurable cooldown window, so recently compromised versions are skipped during the window.
    • Layer 3: Opt-in Sandbox - When sandboxing is enabled and configured, PMG runs installs inside OS-native sandboxes (macOS Seatbelt, Linux Landlock by default, or Bubblewrap fallback) so install scripts have restricted system access even if a threat slips past the first two layers.
    • Audit Logging - PMG logs every install (what, when, from where) for a verifiable audit trail.
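
    The Layer 2 cooldown decision can be sketched as follows. This is an added example, not PMG's own code: the function name Cooldown, the 7-day window and the sample metadata are assumptions, with the sample shaped like the "time" map (version to publish timestamp) found in npm registry metadata.

```go
package main

import (
	"encoding/json"
	"fmt"
	"time"
)

// Constructed sample shaped like the "time" map of npm registry metadata
// (version -> publish timestamp). The package name and dates are made up.
const samplePackument = `{"name": "example-pkg", "time": {
  "created": "2024-01-01T00:00:00Z", "modified": "2024-06-10T09:00:00Z",
  "1.0.0": "2024-01-01T00:00:00Z",
  "1.1.0": "2024-05-20T12:00:00Z",
  "1.1.1": "2024-06-10T09:00:00Z"}}`

// Cooldown (hypothetical helper) marks each version published less than
// window before now as blocked, and reports the most recently published
// version that is still allowed. Ordering is by publish time, not semver.
func Cooldown(packument []byte, now time.Time, window time.Duration) (blocked map[string]bool, newest string, err error) {
	var doc struct {
		Time map[string]time.Time `json:"time"`
	}
	if err = json.Unmarshal(packument, &doc); err != nil {
		return nil, "", err
	}
	blocked = map[string]bool{}
	var newestAt time.Time
	for v, published := range doc.Time {
		if v == "created" || v == "modified" {
			continue // bookkeeping keys, not versions
		}
		// A future timestamp (clock skew, bad metadata) gives a negative
		// age, which is below the window, so it fails closed.
		blocked[v] = now.Sub(published) < window
		if !blocked[v] && published.After(newestAt) {
			newest, newestAt = v, published
		}
	}
	return blocked, newest, nil
}

func main() {
	now := time.Date(2024, 6, 12, 0, 0, 0, 0, time.UTC) // fixed clock for a repeatable run
	blocked, newest, err := Cooldown([]byte(samplePackument), now, 7*24*time.Hour)
	if err != nil {
		panic(err)
	}
	fmt.Println("blocked:", blocked, "newest allowed:", newest)
}
```

    With the fixed clock above, only the two-day-old 1.1.1 falls inside the window, so a resolver applying this policy would fall back to 1.1.0.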

    How PMG Compares

    PMG is the only free, open-source, install-time package firewall that covers developers and AI agents alike and ships with sandboxing and cooldown out of the box.

    Capability PMG Socket Snyk Dependabot
    OSS / built in public
    No account or API key
    Install-time malicious package blocking
    Dependency cooldown policy
    Runtime sandboxing
    Protects AI coding agents transparently
    Local audit logs
    Known-CVE remediation PRs

    Quick Start

    1. Install

    curl -fsSL https://raw.githubusercontent.com/safedep/pmg/main/install.sh | sh

    See Installation for Homebrew, npm, and other install methods.

    2. Setup

    Wire PMG into your shell so it intercepts package managers.

    pmg setup install
    # Restart your terminal to apply changes

    Tip: Re-run pmg setup install after upgrading PMG to pick up new configuration options.

    Validate your installation and verify protection is working:

    pmg setup doctor

    3. Use

    See PMG blocking threats.

    npm install --no-cache --prefer-online safedep-test-pkg@0.1.3

    Note: safedep-test-pkg is a benign test package flagged as malicious in SafeDep's database for testing and verification purposes.

    Continue using your package managers as usual, or let your AI coding agent run them. PMG sits in the path, blocking malicious packages.

    npm install express
    # or
    pip install requests

    Supported Package Managers

    PMG supports the tools you already use:

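    | Ecosystem | Tools  | Command Example   |
    |-----------|--------|-------------------|
    | Node.js   | npm    | npm install <pkg> |
    |           | pnpm   | pnpm add <pkg>    |
    |           | yarn   | yarn add <pkg>    |
    |           | bun    | bun add <pkg>     |
    |           | npx    | npx <pkg>         |
    |           | pnpx   | pnpx <pkg>        |
    | Python    | pip    | pip install <pkg> |
    |           | poetry | poetry add <pkg>  |
    |           | uv     | uv add <pkg>      |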

    Installation

    Install Script (macOS/Linux)

    Downloads the latest release from GitHub, verifies its SHA-256 checksum, and installs to $HOME/.local/bin (if on PATH) or /usr/local/bin.

    curl -fsSL https://raw.githubusercontent.com/safedep/pmg/main/install.sh | sh

    Homebrew (macOS/Linux)

    brew tap safedep/tap
    brew install safedep/tap/pmg

    NPM (Cross-Platform)

    npm install -g @safedep/pmg

    Note: NPM-based installs can be fragile when Node.js is managed by version managers like mise or asdf. The global npm bin path changes with the active Node version, so switching versions can leave pmg unavailable on PATH (or pointing to an old install). For these setups, prefer the install script or Homebrew.

    Go (Build from Source)

    # Ensure $(go env GOPATH)/bin is in your $PATH
    go install github.com/safedep/pmg@latest

    Binary Download

    Download the latest binary for your platform from the Releases Page.

    GitHub Actions

    Protect CI workflows with one step. PMG analyzes every npm install, pip install, etc. in the job.

    # Consider pinning third-party Actions to a full commit SHA
    - uses: actions/setup-node@v6
      with:
        node-version: 24
    - uses: safedep/pmg@v1
    - run: npm ci

    By default you get malware blocking and dependency cooldown. Sandbox isolation is opt-in via the sandbox input. Tune behavior via inputs (paranoid, sandbox, cooldown-days, ...) or point config-file at a YAML in the repo. See docs/github-action.md for the full reference.

    Uninstallation

    Remove shell integration:

    pmg setup remove

    To also remove the PMG configuration file:

    pmg setup remove --config-file

    Then uninstall PMG itself:

    # Homebrew
    brew uninstall safedep/tap/pmg
    
    # NPM
    npm uninstall -g @safedep/pmg

    Trust and Security

    PMG builds are reproducible and signed.

    • Attestations: GitHub and npm attestations guarantee artifact integrity.
    • Verification: You can cryptographically prove the binary matches the source code.
    • See Trusting PMG for verification steps.

    User Guide

    Support

    If PMG saved you from a bad package, star this repo. It helps others find it.

    Contributing

    Contributions welcome. See CONTRIBUTING.md for build and test instructions.

    Thank you to all contributors ❤️

    Telemetry

    PMG collects anonymous usage data. To disable, either:

    • Set disable_telemetry: true in your PMG config file, or
    • Export PMG_DISABLE_TELEMETRY=true.