PACKAGE.JSON TIPS
Simple package.json hygiene tips to reduce risk and improve determinism.
Use Overrides for Safety
Force specific versions of dependencies to avoid compatibility issues and security vulnerabilities:
{
  "overrides": {
    "react": "^18.3.1",
    "react-dom": "^18.3.1"
  }
}
Ensures all packages use the same React version, preventing version conflicts.

Pin Your Package Manager
Lock your team to the same package manager version to avoid resolver changes:
{
  "packageManager": "npm@10.8.1"
}

Declare Runtime Versions
Signal supported Node and npm versions:
{
  "engines": {
    "node": ">=18.18 <21",
    "npm": "^10"
  }
}

Prevent Accidental Publish
Mark non-library apps as private to block npm publish:
{
  "private": true
}

Semver Ranges: Know Your Risk
Prefer exact or tilde ranges for critical deps; caret ranges can pull in unexpected minor versions.
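
The tips above can be checked mechanically. The following is an added example, not code from this page or its scanner: a small Node.js audit of a parsed package.json. The function names, finding text, CRITICAL list and sample manifest are assumptions made for illustration.

```javascript
// Added example: audit a parsed package.json against the tips on this page.
// Function names, finding text and the CRITICAL list are assumptions of this sketch.
const CRITICAL = ["react", "react-dom"]; // constructed: deps treated as critical

function classifyRange(range) {
  if (/^\d+\.\d+\.\d+(-[\w.]+)?$/.test(range)) return "exact";
  if (/^~\d/.test(range)) return "tilde"; // typically patch updates only
  if (/^\^\d/.test(range)) return "caret"; // minor and patch updates (for >=1.0.0)
  return "loose"; // "*", "latest", ">=", x-ranges, tags, URLs
}

function auditPackageJson(pkg, critical = CRITICAL) {
  const findings = [];
  if (pkg.private !== true) findings.push("private: not true, npm publish is not blocked");
  if (!/^[a-z]+@\d+\.\d+\.\d+/.test(pkg.packageManager || ""))
    findings.push("packageManager: missing or not an exact version");
  if (!pkg.engines || !pkg.engines.node) findings.push("engines.node: not declared");

  const deps = { ...pkg.dependencies, ...pkg.devDependencies };
  for (const [name, range] of Object.entries(deps)) {
    const kind = classifyRange(range);
    if (kind === "loose") findings.push(`${name}: loose range "${range}"`);
    else if (kind === "caret" && critical.includes(name))
      findings.push(`${name}: caret range "${range}" on a critical dep`);
  }

  // npm rejects an override of a direct dependency unless the spec is
  // identical to the dependency's own spec (or a "$name" reference to it).
  for (const [name, spec] of Object.entries(pkg.overrides || {})) {
    if (typeof spec !== "string" || !(name in deps)) continue; // nested overrides skipped
    if (spec !== deps[name] && spec !== `$${name}`)
      findings.push(`${name}: override "${spec}" differs from direct dep "${deps[name]}"`);
  }
  return findings;
}

const samplePkg = { // constructed sample, not taken from the page
  name: "demo-app",
  packageManager: "npm@10.8.1",
  engines: { node: ">=18.18 <21", npm: "^10" },
  dependencies: { react: "^18.3.1", "react-dom": "~18.3.1", lodash: "*" },
  overrides: { react: "^18.3.1", "react-dom": "18.3.1" },
};

console.log(auditPackageJson(samplePkg).join("\n"));
```

Run in CI against the real manifest (for example, after JSON.parse of the file contents) and fail the build when the returned list is non-empty.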