Developer Tools

Calculate the True Cost of Your npm Dependencies

Point us at any GitHub repo. We parse your package.json, analyze every dependency for bundle size impact, build time cost, and known CVEs — then generate a prioritized cost report in seconds.

Get Started — $9/mo

Cancel anytime. No credit card required to try.

  • Bundle size analysis
  • Build time impact
  • CVE vulnerability scan
  • GitHub API integration
  • npm registry data
  • Prioritized cost report

How It Works

01

Connect Your Repo

Paste a GitHub repo URL. We fetch your package.json via the GitHub API — no clone needed.

02

Deep Dependency Scan

We query the npm registry and vulnerability databases for every dependency and transitive package.

03

Get Your Cost Report

Receive a ranked list of dependencies by cost: bundle weight, CI build time, and security risk score.

Simple Pricing

Pro: $9 per month
  • Unlimited repo scans
  • Full CVE vulnerability reports
  • Bundle size + build time metrics
  • Export reports as CSV or JSON
  • Priority email support
Subscribe Now

FAQ

Which package managers are supported?

Currently npm and Yarn projects via package.json. Support for pnpm workspaces and monorepos is on the roadmap.

How is the security data sourced?

We cross-reference the npm audit advisory database and the GitHub Advisory Database (GHSA) to surface known CVEs for each dependency version.

Is my source code ever stored?

No. We only read your package.json via the public GitHub API. Your source code is never downloaded, stored, or processed.