From Code to Server, we’ve got you covered! Integrate SafeDep at every stage of your SDLC and stay protected from malicious open-source software.

⚠️ Open Source Software Supply Chain attack targeting Hyatt internal dependencies through dependency confusion attack. Read more ➡️ https://t.co/Ss2nz5H0ZX

This Diwali light diyas, not vulnerabilities.🪔 vet ensures your supply chain shines bright and minus the fire hazards.😎 #Diwali #SecureCoding #SafeDep

When you have the SafeDep GitHub App installed, you can just sit back, relax, and focus on building. 👉 https://t.co/VUbAaMSIhI

We ask @NotebookLM to give us the perfect overview—here’s the video...

Heading to Bengaluru tomorrow! I’ll be speaking at @OWASP AppSec Days about our Dynamic Malware Analyzer: https://t.co/tHL2prqVm6 Exciting times ahead 😁

Along with the new release packed with major improvements, Vet has also crossed 800+ GitHub stars🎉 A huge thanks to everyone contributing to securing open source software supply chains💙

In security, sometimes we overlap quantitative and qualitative solution. This is a mistake. Even with AI, it will be nearly impossible for a static code analysis tool to beat a security researcher like duke or taviso on novelty (quality). But it can beat them on quantity.

Every developer has 3 habits: 1️⃣ Push fast 2️⃣ Merge faster 3️⃣ Forget to check dependencies 😅 SafeDep GitHub App fixes #3 without slowing down #1 and #2. It scans your PRs, flags threats, and lets you keep shipping. So, do you want to slow down your shipping speed! We hope no

Every developer has 3 habits: 1️⃣ Push fast 2️⃣ Merge faster 3️⃣ Forget to check dependencies 😅 SafeDep GitHub App fixes #3 without slowing down #1 and #2. It scans your PRs, flags threats, and lets you keep shipping. So, do you want to slow down your shipping speed! We hope no

Wondering where and how to contribute in SafeDep projects this #Hacktoberfest2025 . Well, no need to wonder anymore. Here is a quick guide to help you with the projects you can start contribute to https://t.co/E3nvsjY4Ur #OpenSource #vet

Every part of our rebranding reflects how we think about security. It’s not about fear, it’s about integrity. It’s not about control, it’s about trust. And new SafeDep is all about it. So its not about to shouting “security” but simply feeling secure.

Inspired by Gitlab's libbehave, I spent my weekend adding Go callgraph generation support to our xbom tool. It uses static code analysis to build a callgraph with simple DFA with assignment tracking and type propagation. Eventually will be in vet. https://t.co/SZavyaJjDg

Shoutout to @safedepio for the rapid response and coordinated disclosure. Read the full report & mitigation guidance: https://t.co/c1Mu8SIlKo

Our blog just got a fresh new look!✨ If you like reading about real supply chain incidents, npm compromises, and how to stay ahead and safe - check it out👇 https://t.co/QGJ3TFKQS0

It's easy to get started with SafeDep, and with it, even easier to protect your code from malicious packages.

🚀 Hacktoberfest is HERE and we're ready! Join us in making vet even more awesome! Whether you're a first-timer or a seasoned pro, we'd LOVE your contributions! 💜 Let's build something amazing together! ✨ https://t.co/7TBhBhQVjS

You’re a one-person team with 10+ repos. You can’t manually audit every npm package. SafeDep GitHub App: ⚡ Zero config 👀 Scans PRs + deps in real-time 🛡️ Blocks malicious packages Spend time building your product, not chasing malware. 👉 https://t.co/VUbAaMTg7g

The policy experience revamp in vet is coming up well. We will have a much more capable policy language, expressed in CEL with rich data source to evaluate for policy decisions.