Show HN: DepGuard, Visualize and simulate NPM vulnerability blast radiuses
DepGuard is a new tool that helps developers visualize and simulate the blast radius of vulnerabilities in NPM dependencies, enabling better risk assessment and security management for JavaScript projects.
Background
DepGuard is a free, open-source tool that maps out how a security vulnerability in one NPM package could ripple through all the other packages that depend on it. It renders that reach, the "blast radius", as interactive visual graphs and lets you simulate what would happen if a dependency were compromised or removed. This matters because modern JavaScript projects often pull in hundreds or thousands of nested dependencies, making it nearly impossible to see the full impact of a single weak link. The tool addresses the same problem that commercial services like Socket.dev and Snyk solve, but with a focus on transparency and hands-on simulation.
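The blast-radius idea described above, as an added example that is not DepGuard's own code: it walks a constructed npm lockfile (v3 `packages` layout) backwards from one compromised install path to every package that transitively depends on it. The package names and the `resolve`, `reverseGraph` and `blastRadius` helpers are hypothetical, and peer dependencies are ignored for brevity.

```javascript
// Constructed sample in npm lockfile v3 "packages" layout; all package names are made up.
const lock = { packages: {
  "": { dependencies: { "web-app-kit": "^1.0.0", "log-lite": "^2.0.0" }, devDependencies: { "test-runner-x": "^3.0.0" } },
  "node_modules/web-app-kit": { version: "1.2.0", dependencies: { "tiny-parse": "^1.0.0", "log-lite": "^2.0.0" } },
  "node_modules/log-lite": { version: "2.1.0" },
  "node_modules/tiny-parse": { version: "1.4.0", dependencies: { "str-pad-z": "^1.0.0" } },
  "node_modules/str-pad-z": { version: "1.0.3" },
  "node_modules/test-runner-x": { version: "3.0.0", dependencies: { "str-pad-z": "^0.9.0" } },
  "node_modules/test-runner-x/node_modules/str-pad-z": { version: "0.9.1" },
} };
// Resolve a dependency the way Node does: nearest node_modules first, then walk up.
function resolve(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!base) return null; // already at the project root: not installed
    const i = base.lastIndexOf("/node_modules/");
    base = i === -1 ? "" : base.slice(0, i);
  }
}
// Invert the graph: install path -> set of install paths that depend on it.
function reverseGraph(packages) {
  const dependents = new Map();
  for (const [path, meta] of Object.entries(packages)) {
    const deps = { ...meta.dependencies, ...meta.optionalDependencies, ...(path === "" ? meta.devDependencies : {}) };
    for (const name of Object.keys(deps)) {
      const target = resolve(packages, path, name);
      if (!target) continue; // e.g. an optional dependency that was skipped
      if (!dependents.has(target)) dependents.set(target, new Set());
      dependents.get(target).add(path);
    }
  }
  return dependents;
}
// Breadth-first walk over dependents; returns Map(path -> hops from the compromised copy).
function blastRadius(packages, compromisedPath) {
  const dependents = reverseGraph(packages);
  const hops = new Map([[compromisedPath, 0]]), queue = [compromisedPath];
  for (const cur of queue) { // the array iterator also visits entries pushed during the loop
    for (const parent of dependents.get(cur) || []) {
      if (hops.has(parent)) continue;
      hops.set(parent, hops.get(cur) + 1);
      queue.push(parent);
    }
  }
  hops.delete(compromisedPath);
  return hops; // the "" key is the project itself
}
console.log(blastRadius(lock.packages, "node_modules/str-pad-z"));
```

Because the walk is keyed on install paths rather than package names, the nested `str-pad-z@0.9.1` copy under `test-runner-x` has its own, smaller blast radius than the hoisted `1.0.3` copy. To run it on a real project, replace `lock` with the parsed contents of its package-lock.json (lockfileVersion 2 or 3).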