Security Signals

Dep Beacon can query OSV.dev for the package and version currently selected by a range. The result is a summary and does not replace a full audit workflow.

Severity mapping

  • Low and medium advisories show as orange warning signals.
  • High and critical advisories show as red error signals.
  • Advisories with unknown severity stay visible as known risk.
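
As an added example (not Dep Beacon's own code), the mapping above applied to an OSV.dev query response. It assumes severity is read from the `database_specific.severity` label that GitHub-sourced OSV records carry; the function names, signal names, precedence order and sample advisory ids are constructed for illustration.

```javascript
// Added example: signal names, function names and sample data are assumptions.
const SIGNAL_RANK = { none: 0, "known-risk": 1, warning: 2, error: 3 };

// Request body for OSV's POST https://api.osv.dev/v1/query endpoint.
function buildOsvQuery(name, ecosystem, version) {
  return { package: { name, ecosystem }, version };
}

// Normalize an advisory's severity label. GitHub-sourced OSV records use
// "MODERATE" where the page says "medium". Records that carry only a CVSS
// vector are treated as unknown here; this sketch does not compute scores.
function severityOf(vuln) {
  const raw = String(vuln?.database_specific?.severity ?? "").toUpperCase();
  if (raw === "MODERATE") return "MEDIUM";
  return ["LOW", "MEDIUM", "HIGH", "CRITICAL"].includes(raw) ? raw : "UNKNOWN";
}

// Page's mapping: low/medium -> warning, high/critical -> error,
// unknown severity is still reported rather than dropped.
function signalFor(severity) {
  if (severity === "HIGH" || severity === "CRITICAL") return "error";
  if (severity === "LOW" || severity === "MEDIUM") return "warning";
  return "known-risk";
}

// Collapse an OSV response into the worst signal plus per-advisory detail.
// OSV returns an empty object when nothing matches, so vulns may be absent.
function summarize(response) {
  const vulns = Array.isArray(response?.vulns) ? response.vulns : [];
  let signal = "none";
  const advisories = vulns.map((v) => {
    const severity = severityOf(v);
    const s = signalFor(severity);
    if (SIGNAL_RANK[s] > SIGNAL_RANK[signal]) signal = s;
    return { id: v.id, severity, signal: s };
  });
  return { signal, advisories };
}

// Constructed sample response (ids and vector are placeholders).
const sample = {
  vulns: [
    { id: "EXAMPLE-0001", database_specific: { severity: "MODERATE" } },
    { id: "EXAMPLE-0002", database_specific: { severity: "HIGH" } },
    { id: "EXAMPLE-0003", severity: [{ type: "CVSS_V3", score: "CVSS:3.1/..." }] },
  ],
};
console.log(summarize(sample));
```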

Privacy and control

Disable OSV checks with `depBeacon.checkVulnerabilities` when working offline or with registries whose dependency names should not be sent to external services.

{
  "depBeacon.checkVulnerabilities": false
}