Bun security scanner for SocketDev
Official Socket Security scanner for Bun's package installation process. Protects your projects from malicious packages, typosquatting, and other supply chain attacks.
- 🛡️ Real-time security scanning during package installation
- 🔍 Detects malware, typosquatting, and supply chain attacks
- ⚡ Optimized batching for fast scans
- 🔐 Supports both authenticated (Socket org) and free modes
- 🎯 Native integration with Bun's security provider API

```bash
bun add -d @socketsecurity/bun-security-scanner
```

Add to your `bunfig.toml`:

```toml
[install.security]
scanner = "@socketsecurity/bun-security-scanner"
```

For enhanced scanning with your Socket organization settings, set the SOCKET_API_KEY environment variable:

```bash
export SOCKET_API_KEY="xyz"
bun install
```

> Note: required scope packages
The scanner will automatically read your token from:
1. `SOCKET_API_KEY` environment variable
2. Socket CLI settings file (if available)
Without a token, the scanner runs in free mode using Socket's public API.
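
A CI preflight for the setup above, as an added example that is not part of the Socket project's code: it confirms that `bunfig.toml` still names the scanner under `[install.security]` and reports which token source the install will rely on. The function names, exit codes and the line-based TOML handling are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the Socket project): CI preflight for the scanner setup.
EXPECTED_SCANNER="@socketsecurity/bun-security-scanner"

# Print the `scanner` value from the [install.security] table of a bunfig.toml.
# Line-based on purpose: handles comments and other tables, not dotted keys.
configured_scanner() {
  awk -v sq="'" '
    /^[ \t]*\[/ {                          # any table header
      hdr = $0
      sub(/#.*/, "", hdr)                  # drop trailing comment
      gsub(/[ \t]/, "", hdr)
      in_sec = (hdr == "[install.security]")
      next
    }
    in_sec && /^[ \t]*scanner[ \t]*=/ {
      val = $0
      sub(/^[^=]*=[ \t]*/, "", val)        # drop key and "="
      sub(/[ \t]*#.*$/, "", val)           # drop trailing comment
      sub(/[ \t]+$/, "", val)
      q = substr(val, 1, 1)
      if (q == "\"" || q == sq) val = substr(val, 2, length(val) - 2)
      print val
      exit
    }
  ' "$1"
}

# Exit status: 0 scanner configured, 1 missing or different, 2 no config file.
check_scanner() {
  ck_file="${1:-bunfig.toml}"
  [ -f "$ck_file" ] || { echo "no config file: $ck_file"; return 2; }
  ck_found="$(configured_scanner "$ck_file")"
  if [ "$ck_found" != "$EXPECTED_SCANNER" ]; then
    echo "scanner not configured in $ck_file (found: ${ck_found:-none})"
    return 1
  fi
  if [ -n "${SOCKET_API_KEY:-}" ]; then
    echo "scanner configured; token source: SOCKET_API_KEY"
  else
    echo "scanner configured; SOCKET_API_KEY unset: Socket CLI settings or free mode"
  fi
}

# Usage: sh check-scanner.sh path/to/bunfig.toml
if [ "$#" -gt 0 ]; then check_scanner "$1"; fi
```

Running it before `bun install` in a pipeline fails the job when the `[install.security]` entry has been removed or pointed at a different package.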