Introducing lstn CLI
lstn CLI brings the power of listen.dev right inside your development workflow.
You can run the CLI locally, or in your CI/CD pipeline to scan your JavaScript projects and detect malicious behaviour at the earliest stages of your dev process. This allows you to avoid the use of risky dependencies before they trigger inside your environments and cause any harm.
We encourage the practice of running a
lstnscan every time before adding a new dependency or updating an existing dependency to a new version.
The following shows an example of lstn CLI test command output.
https://www.loom.com/share/5648e87cc56b4a18b86eaae229870ccf (opens in a new tab)
lstn CLI scanning for open source dependencies supports the following:
- Languages: JavaScript, TypeScript and CoffeeScript
- Package managers: npm, yarn (coming soon)\