Inside-the-app security middleware for Node.js. Express and NestJS run the full sanitizer pipeline (XSS, SQL, NoSQL, SSTI, XXE, path, command, prompt injection, prototype pollution, LDAP, XPath, header injection, plus 20+ more attack types). Fastify, Koa,
Arcis security CLI — scan running apps, audit source, and check dependencies. Native Rust binary distributed via npm.
Node.js Streams, a user-land copy of the stream library from Node.js
Determine if the current node version supports the `--preserve-symlinks` flag.
A light-weight module that brings Fetch API to node.js
Arcis MCP server. Exposes Arcis CLI scanners (audit / scan / sca) and the prompt-injection detector as tools that Cursor and any other MCP-aware AI agent can call. One install, four tools, zero cloud round trip.
Node.js API (Node-API)
Load node modules according to tsconfig paths, in run-time or via API.
Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.
Cross platform child_process#spawn and child_process#spawnSync
Determines if an object can be used as an array
Vite as Node.js runtime
Like which(1) unix command. Find the first instance of an executable in the PATH.
Node.js releases data
better fetch for Node.js. Works on any JavaScript runtime!
A Babel preset that enables parsing of proposals supported by the current Node.js version.
Provides a way to make requests
PostgreSQL client - pure javascript & libpq with the same API
Build tool and bindings loader for node-gyp that supports prebuilds
Info about node `exports` field support: version ranges, categories, etc.
TypeScript execution environment and REPL for node.js, with source map support
An implementation of window.fetch in Node.js using Minipass streams
A pure JS HTTP parser for node.
Node default behavior import resolution plugin for eslint-plugin-import.