dpndncY
Dependency Firewall
Block the risky package
before it's installed.

Multi-signal decisioning at admission time. Risky packages are rejected before they enter node_modules, site-packages or your local Maven repo — with a signed record of exactly why.

Pillar · Block

What it does

Pre-install enforcement

Registry-proxy mode across npm, PyPI, Maven, NuGet, RubyGems, Cargo and Go rejects packages before they ever reach your dependency tree.

7 package managersPre-install

Multi-signal decisions

CISA KEV, EPSS, ExploitDB, reachability, attack-path, license obligations and version-pinning rules — with maintainer-change and trust-delta alerts for takeovers and typosquats.

KEV · EPSSTrust-delta

Observe · Soak · Enforce

Three rollout modes so you can measure impact before you block. Bypass is routed through an approval workflow with a full audit trail.

3 modesApproval-gated
7
package managers
3
rollout modes

One platform. On your infrastructure.
Every decision signed and verifiable.