PackageFix / Guides

Developer Guides

How to integrate dependency security scanning into your workflow — from a one-off terminal command to automatic CI/CD blocking on critical CVEs.

GitHub Actions

Scan dependencies on every push — 4 ready-to-use workflow YAMLs

Pre-commit Hooks

Catch CVEs before they enter your git history

Terminal One-Liner

Pipe any manifest into PackageFix with one command

Which guide is right for you?

If you want a quick one-off check right now — use the terminal one-liner. If you want to catch vulnerabilities before they reach production — add the GitHub Actions workflow. If you want to catch them before they even enter your git history — use pre-commit hooks.

Paste your manifest — get a fixed version with all CVEs patched in seconds.

Open PackageFix →

Free · No signup · No CLI · Runs in your browser

Related

Fix Guides

Step-by-step CVE fixes

Dependency Scanning

The broader concept

CISA KEV

What to fix first

Remediation

Fix strategies