Security Scanner API - Bun

Security Scanner API - BunDocumentation Index

Fetch the complete documentation index at: /docs/llms.txt

Use this file to discover all available pages before exploring further.

Skip to main contentBun home pageSearch...⌘KInstall BunSearch...NavigationAdvanced ConfigurationSecurity Scanner APIRuntimePackage ManagerBundlerTest RunnerGuidesReferenceBlogFeedback:first-child]:!hidden peer-[.is-custom]:[&>:first-child]:sm:!hidden peer-[.is-custom]:[&>:first-child]:md:!hidden peer-[.is-custom]:[&>:first-child]:lg:!hidden peer-[.is-custom]:[&>:first-child]:xl:!hidden">Core Commandsbun installbun addbun removebun updatebunxPublishing & Analysisbun publishbun outdatedbun whybun auditbun infoWorkspace ManagementWorkspacesCatalogsbun linkbun pmAdvanced Configurationbun patchbun --filterGlobal cacheGlobal virtual storeIsolated installsLockfileLifecycle scriptsScopes and registriesOverrides and resolutionsSecurity Scanner API.npmrc supportOn this pageQuick StartHow It WorksSecurity LevelsUsing Pre-built ScannersInstalling a ScannerConfiguring the ScannerEnterprise ConfigurationAuthoring your own scannerRelatedAdvanced ConfigurationSecurity Scanner APICopy pagespan]:line-clamp-1 overflow-hidden group flex items-center py-0.5 gap-1 text-sm text-gray-950/50 dark:text-white/50 group-hover:text-gray-950/70 dark:group-hover:text-white/70 rounded-none rounded-r-xl border px-3 border-gray-200 aspect-square dark:border-white/[0.07] bg-background-light dark:bg-background-dark hover:bg-gray-600/5 dark:hover:bg-gray-200/5" aria-label="More actions" type="button" id="radix-_R_n4ctdbsnlht5lebsnpfdb_" aria-haspopup="menu" aria-expanded="false" data-state="closed">Copy pagespan]:line-clamp-1 overflow-hidden group flex items-center py-0.5 gap-1 text-sm text-gray-950/50 dark:text-white/50 group-hover:text-gray-950/70 dark:group-hover:text-white/70 rounded-none rounded-r-xl border px-3 border-gray-200 aspect-square dark:border-white/[0.07] bg-background-light dark:bg-background-dark hover:bg-gray-600/5 dark:hover:bg-gray-200/5" aria-label="More actions" type="button" id="radix-_R_1cctdbsnlht5lebsnpfdb_" aria-haspopup="menu" aria-expanded="false" data-state="closed">Bun’s package manager can scan packages for security vulnerabilities before installation, helping protect your applications from supply chain attacks and known vulnerabilities. ​Quick Start Configure a security scanner in your bunfig.toml: bunfig.toml

[install.security]
scanner = "@acme/bun-security-scanner"

When configured, Bun will: Scan all packages before installation Display security warnings and advisories Cancel installation if critical vulnerabilities are found Automatically disable auto-install for security ​How It Works Security scanners analyze packages during bun install, bun add, and other package operations. They can detect: Known security vulnerabilities (CVEs) Malicious packages License compliance issues …and more! ​Security Levels Scanners report issues at two severity levels: fatal - Installation stops immediately, exits with non-zero code warn - In interactive terminals, prompts to continue; in CI, exits immediately ​Using Pre-built Scanners Many security companies publish Bun security scanners as npm packages that you can install and use immediately. ​Installing a Scanner Install a security scanner from npm: terminal

bun add -d @acme/bun-security-scanner

Consult your security scanner’s documentation for their specific package name and installation instructions. Most scanners will be installed with bun add. ​Configuring the Scanner After installation, configure it in your bunfig.toml: bunfig.toml

[install.security]
scanner = "@acme/bun-security-scanner"

​Enterprise Configuration Some enterprise scanners might support authentication and/or configuration through environment variables: terminal

# This might go in ~/.bashrc, for example
export SECURITY_API_KEY="your-api-key"

# The scanner will now use these credentials automatically
bun install

Consult your security scanner’s documentation to learn which environment variables to set and if any additional configuration is required. ​Authoring your own scanner For a complete example with tests and CI setup, see the official template: github.com/oven-sh/security-scanner-template ​Related Configuration (bunfig.toml) Package Manager Security Scanner Template

Was this page helpful?

YesNoSuggest editsRaise issueOverrides and resolutionsPrevious.npmrc supportNext⌘IxgithubdiscordyoutubePowered byThis documentation is built and hosted on Mintlify, a developer documentation platform