Dependency Checks
Code Reviews protects you when starting new projects or adding libraries by validating dependencies before installation.
.klusterignore is not applied in this flow (yet)
Automatic dependency checks triggered by AI assistants currently do not use .klusterignore to exclude files.
How dependency checks work
- You prompt: Ask your AI to start a project (e.g., "Scaffold a Next.js app with Auth.js").
- AI suggests: The AI lists the necessary dependencies.
- kluster.ai verifies: The `kluster_dependency_check` tool checks every package for security vulnerabilities and license compliance before you install them.
When the AI suggests a package version with a known vulnerability, kluster.ai alerts you immediately, preventing the risk from entering your codebase.
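The kind of pre-install gate described above, as an added example that is not kluster.ai's code or API: it checks an AI-proposed dependency list against advisory ranges and a license allow-list before anything is installed. The function names, the policy, and every package, version, advisory id and license in it are constructed assumptions.

```javascript
// Added illustration, not kluster.ai code. Every package name, version,
// advisory id and license below is constructed sample data.
const ADVISORIES = [ // affected range is introduced <= v < fixed
  { id: "EXAMPLE-0001", pkg: "example-auth-lib", introduced: "2.0.0", fixed: "2.3.1" },
];
const LICENSES = new Map([
  ["example-auth-lib", "MIT"], ["example-http", "Apache-2.0"], ["example-ui-kit", "GPL-3.0-only"],
]);
const ALLOWED_LICENSES = new Set(["MIT", "Apache-2.0", "BSD-3-Clause"]); // assumed policy

// Split "name@1.2.3" or "@scope/name@1.2.3"; reject ranges and missing versions,
// because an advisory range cannot be evaluated against an unresolved version.
function parseSpec(spec) {
  const at = spec.lastIndexOf("@");
  if (at <= 0) throw new Error("no version given");
  const version = spec.slice(at + 1);
  if (!/^\d+\.\d+\.\d+$/.test(version)) throw new Error("not an exact x.y.z version");
  return { name: spec.slice(0, at), version };
}

// Numeric x.y.z comparison (string comparison would rank 2.10.0 below 2.3.1).
function cmp(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  return 0;
}

// One finding per problem; an empty array means the list passed the gate.
function checkDependencies(specs) {
  const findings = [];
  for (const spec of specs) {
    let dep;
    try { dep = parseSpec(spec); }
    catch (e) { findings.push({ spec, kind: "unpinned", detail: e.message }); continue; }
    for (const adv of ADVISORIES) {
      const hit = adv.pkg === dep.name && cmp(dep.version, adv.introduced) >= 0 && cmp(dep.version, adv.fixed) < 0;
      if (hit) findings.push({ spec, kind: "vulnerable", detail: `${adv.id}, fixed in ${adv.fixed}` });
    }
    const license = LICENSES.get(dep.name);
    if (!license) findings.push({ spec, kind: "license", detail: "license unknown" });
    else if (!ALLOWED_LICENSES.has(license)) findings.push({ spec, kind: "license", detail: `${license} not in allow-list` });
  }
  return findings;
}

// Constructed AI-proposed list: one vulnerable, one disallowed license, one range.
console.log(checkDependencies(["example-auth-lib@2.3.0", "example-ui-kit@0.5.0", "example-http@^1.4.0", "example-http@1.4.0"]));
```

Treating an unknown license and an unpinned version as findings keeps the gate fail-closed: a package the check cannot evaluate is reported rather than waved through.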
Next steps
- On-demand reviews: Review existing code on demand.
- Configuration: Customize dependency check behavior.
