Dependency Audit

Scan dependencies for vulnerabilities, check for outdated packages, and verify license compliance.

Vulnerability Scanning

Node.js (npm/pnpm)
Python (pip-audit)
Go
Rust

Outdated Package Check

License Compliance

Node.js
Python

Dependency Tree

Supply Chain Checks

Notes

- Run audits before merging dependency updates, not just on schedule.
- can introduce breaking changes — review before running.
- License compliance matters for commercial software. GPL/AGPL in dependencies can require open-sourcing your code.
- Zero-day vulnerabilities won't show in audits — keep dependencies min…