better-auth

Every npm package release, vetted before it reaches your node_modules.

100% credibility
Found Apr 09, 2026 at 48 stars.
TypeScript
AI Summary

A proxy registry for npm that scans new package versions for malicious code, typosquatting, and supply chain risks using AI and static analysis before serving them.

How It Works

1. 🔍 Discover safer installs
   You hear about a service that checks every package for hidden dangers before adding it to your project.

2. 🚀 Quick setup
   Run one simple command and your project now uses the safe package service automatically.

3. Optional sign-in
   - Sign in: Link with your GitHub for stats and custom controls.
   - Skip: Continue without an account—safety works either way.

4. 📦 Install with confidence
   Every time you add a package, it's scanned for tricks like fake names or sneaky code.

5. 📊 Check your dashboard
   See your install history, blocked packages, and activity heatmap.

🛡️ Secure projects

Your folders stay clean, projects build safely, and you're in control.

AI-Generated Review

What is better-npm?

better-npm proxies your npm installs through registry.better-npm.dev, scanning every new package release for malicious code, typosquatting, and supply chain attacks via static checks and AI analysis. Run `npx @better-npm/cli` once to update your .npmrc and authenticate—safe versions serve instantly from cache, risky ones block until reviewed. Built in TypeScript on Cloudflare Workers with a Next.js dashboard for install stats and personal block rules.

Why is it gaining traction?

Unlike npm audit's post-install fixes, it vets releases upfront, auto-blocking typosquats and low-download packages. Users get heatmaps of activity, custom thresholds such as minimum weekly downloads, and CLI-driven authentication without workflow tweaks. The open dashboard exposes every scan, which appeals to devs who want audit transparency before packages land in node_modules.

Who should use this?

Node teams handling untrusted dependencies from GitHub, AI tools, or AI-generated code prone to typosquatting. Security leads who need proactive blocks in CI/CD pipelines. Devs at agencies or startups who are tired of post-breach cleanups.

Verdict

Early at 48 stars and 1.0% credibility—docs outpace maturity, with limited production proof. Solid for paranoid side projects as a better npm proxy; scale cautiously in prod.
