Strale, a platform designed for autonomous software development agents, has introduced two new capabilities: package-security-audit and license-compatibility-check. These tools help coding agents make informed decisions about package dependencies by assessing security risks and license compatibility.
Package Security Audit
The package-security-audit capability evaluates the risk associated with a specific package version in a given ecosystem (e.g., npm, pip). It provides a structured JSON output that includes:
- Risk Score: A numeric score indicating the overall risk level of the package.
- Vulnerabilities: Details about any known vulnerabilities, including their severity and suggested fix versions.
- License Information: The type of license used by the package.
- Dependency Count: Number of direct dependencies for the package.
- Repository Link: URL to the source repository if available.
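One way an agent could act on these fields is a fail-closed policy gate, shown here as an added example that is not Strale's code or taken from the original article. The field names, the higher-is-riskier 0-100 score, the thresholds and the license allowlist are all assumptions, since the response schema is not shown on this page.

```python
# Added example. Field names, score scale and thresholds are assumptions.
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}

# Constructed sample audit result (not real output from the service).
SAMPLE_AUDIT = {
    "risk_score": 35,
    "vulnerabilities": [
        {"id": "EXAMPLE-0001", "severity": "high", "fixed_in": "4.19.2"},
        {"id": "EXAMPLE-0002", "severity": "critical", "fixed_in": "4.21.0"},
        {"id": "EXAMPLE-0003", "severity": "low", "fixed_in": None},
    ],
    "license": "MIT",
    "dependency_count": 31,
    "repository": "https://example.invalid/constructed/repo",
}

def version_key(version):
    """Sort key for plain dotted numeric versions (no pre-release tags)."""
    return tuple(int(part) for part in version.split("."))

def gate(audit, max_risk=50, block_at="high", allowed_licenses=("MIT", "Apache-2.0")):
    """Return (decision, reasons, upgrade_to); missing or unknown data fails closed."""
    hard, fixes, unfixed = [], [], []
    score = audit.get("risk_score")
    if not isinstance(score, (int, float)) or score > max_risk:
        hard.append(f"risk score {score!r} missing or above {max_risk}")
    if audit.get("license") not in allowed_licenses:
        hard.append(f"license {audit.get('license')!r} not on allowlist")
    if not audit.get("repository"):
        hard.append("no source repository to review")
    vulns = audit.get("vulnerabilities")
    if not isinstance(vulns, list):
        hard.append("vulnerability list missing")
        vulns = []
    for vuln in vulns:
        # An unrecognised severity label is ranked as critical.
        rank = SEVERITY_RANK.get(str(vuln.get("severity")).lower(), 4)
        if rank >= SEVERITY_RANK[block_at]:
            (fixes if vuln.get("fixed_in") else unfixed).append(vuln)
    reasons = hard + [f"{v.get('id')}: {v.get('severity')}" for v in fixes + unfixed]
    if not reasons:
        return "allow", [], None
    if hard or unfixed:
        return "block", reasons, None
    # Every blocking finding has a fix: propose the lowest version covering all.
    target = max((v["fixed_in"] for v in fixes), key=version_key)
    return "upgrade", reasons, target
```

An `upgrade` result is only a proposal: the suggested version should itself be audited before it is pinned.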
Example Request
```shell
curl https://api.strale.dev/v1/capabilities/package-security-audit \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d '{"package": {"name": "express", "version": "4.18.2", "ecosystem": "npm"}}'
```
Example Response
```json
{
```

[Read the full article at DEV Community](https://dev.to/petter-strale/one-api-call-to-know-if-your-dependency-is-safe-b6)




