/* Remove underline from links on hover */
a:hover {
  text-decoration: none !important;
}

/* Ensure no underline on card links */
.card a:hover,
.card-link:hover {
  text-decoration: none !important;
}

/* Remove underline from navigation links */
nav a:hover,
.nav-link:hover {
  text-decoration: none !important;
}

/* Remove underline from content links while maintaining visual feedback */
.content a:hover,
.prose a:hover {
  text-decoration: none !important;
}

/* Remove underline from anchor links in global navigation */
.global-anchor:hover,
.anchor-link:hover {
  text-decoration: none !important;
}

/* Ensure all link types don't show underline on hover */
a[href]:hover {
  text-decoration: none !important;
}

What is PMG?

Using Homebrew (Recommended)

Using Go Install

Download Binary

Installation

Automated Setup (Recommended)

Manual Usage (Alternative)

Quick Setup

Supported Package Managers

If pmg isn’t working after setup:

If packages are incorrectly blocked:

Troubleshooting

Next Steps

Get started with SafeDep PMG - Package Manager Guard that protects against malicious open source packages

Quickstart Guide

SafeDep Documentation

Secure your open source software supply chain with SafeDep

Welcome to SafeDep

Quick Start

Understanding the need for automated open source dependency vetting

Why vet?

Free and open source tool for identifying risks in open source software supply chain

About vet

Integrate vet with GitHub Actions and Code Scanning for automated security alerts

GitHub Code Scanning

Native GitLab integration for dependency security scanning with vet

GitLab Dependency Scanning

Integrate vet with DefectDojo for centralized vulnerability tracking and management

DefectDojo Integration

Generate comprehensive Software Bill of Materials (SBOM) with security metadata using vet

CycloneDX SBOM Generation

Generate accurate dependency inventories using package managers and SBOM tools

Dependency Inventory

Analyze code and dependency usage patterns with vet's code analysis features

Code Analysis

Identify which dependencies are actually used in your code using static code analysis

Dependency Usage Identification

Build applications that leverage SafeDep Insights API using TypeScript and ConnectRPC

Insights API with TypeScript

Audit Terraform provider inventory for supply chain risks using SafeDep Cloud

Terraform Supply Chain Audit

Use CEL expressions to filter and analyze dependencies with flexible criteria

Filtering

Speed up filtering and reporting by working with enriched JSON data dumps

Build Your Own Queries

Automate security policy enforcement with CEL-based rules

Policy as Code

Manage false positives and acceptable risks with time-bound exceptions

Exceptions Management

Exclude specific directories and files from security scans using pattern matching

Path Exclusion

Control and management plane for open source software supply chain security

SafeDep Cloud Overview

Get started with SafeDep Cloud in under 10 minutes

Cloud Quick Start

Understand SafeDep Cloud authentication methods and API access patterns

Authentication

Synchronize vet scan data and policy violations with SafeDep Cloud for centralized analysis, query and reporting

Cloud Sync

Detect malicious packages in your dependencies using SafeDep Cloud's advanced code analysis capabilities

Malware Analysis

Frequently asked questions about SafeDep Cloud authentication and usage

Cloud FAQ

Understanding the need for protection against malicious packages

Why PMG?

Technical architecture and deep dive into Package Manager Guard functionality

About PMG

Join the SafeDep and vet user community for support and discussions

Community

Frequently asked questions about using vet and troubleshooting common issues

Useful references and resources for open source security and supply chain protection

Package Manager	Status	Command Example
npm	Active	`npm install <package>`
pnpm	Active	`pnpm add <package>`
pip	Active	`pip install <package>`
yarn	Planned	Coming soon
poetry	Planned	Coming soon
uv	Planned	Coming soon

Get Started

Concepts

Quickstart Guide

PMG Repository

What is PMG?

Installation

Using Homebrew (Recommended)

Using Go Install

Download Binary

Quick Setup

Automated Setup (Recommended)

Manual Usage (Alternative)

Supported Package Managers

Troubleshooting

If pmg isn’t working after setup:

If packages are incorrectly blocked:

Next Steps

Get Started

Concepts

PMG Repository

​What is PMG?

​Installation

​Using Homebrew (Recommended)

​Using Go Install

​Download Binary

​Quick Setup

​Automated Setup (Recommended)

​Manual Usage (Alternative)

​Supported Package Managers

​Troubleshooting

​If pmg isn’t working after setup:

​If packages are incorrectly blocked:

​Next Steps

What is PMG?

Installation

Using Homebrew (Recommended)

Using Go Install

Download Binary

Quick Setup

Automated Setup (Recommended)

Manual Usage (Alternative)

Supported Package Managers

Troubleshooting

If pmg isn’t working after setup:

If packages are incorrectly blocked:

Next Steps