Malicious dependency
Reports malicious NPM and PyPI dependencies declared in your project.
Fixing the reported problems helps prevent your software from being compromised by an attacker.
Remove a malicious package to solve a problem.
Locating this inspection
- By ID
Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.
MaliciousLibrariesLocal- Via Settings dialog
Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.
Inspection ID: MaliciousLibrariesLocal
Suppressing Inspection
You can suppress this inspection by placing the following comment marker before the code fragment where you no longer want messages from this inspection to appear:
More detailed instructions as well as other ways and options that you have can be found in the product documentation:
Inspection Details | |
|---|---|
By default bundled with: | GoLand 2025.2, IntelliJ IDEA 2025.2, PhpStorm 2025.2, PyCharm 2025.2, Qodana for Go 2025.2, Qodana for JS 2025.2, Qodana for JVM 2025.2, Qodana for PHP 2025.2, WebStorm 2025.2 |