Pricing
One payment.
Unlimited scans.
No subscriptions. No per-seat fees. Pay once, use forever on any project.
Free
$0
Forever free, no credit card
- ✓ All ecosystems: Python, Node.js, Rust, Go, PHP, Ruby, Java
- ✓ Registry version check (PyPI, npm, crates.io, Maven Central…)
- ✓ CVE detection (exact versions ==)
- ✓ Visual results panel
- ✓ Smart insights
- ✓ Auto-refresh on save
- ✓ English & Spanish
- — CVEs for non-exact versions
- — Compatibility analysis
- — Safe update recommendations
- — AI prompt export
Pro
$19
One-time payment · 1 developer license
- ✓ Everything in Free
- ✓ CVEs for non-exact versions (>=, ~=, ^…)
- ✓ Auto-detect installed version (pip / node_modules)
- ✓ Cross-version compatibility analysis
- ✓ Dependency conflict detection
- ✓ Safe update recommendations
- ✓ 🤖 AI prompt export (Claude, Copilot, Cursor)
- ✓ Instant license activation
- ✓ All future Pro updates included
- ✓ Priority support
Pro is launching very soon. Leave your email and we'll notify you the moment it's available — with an early-bird discount.
Why not just ask an AI to do this?
An AI agent doing what ScanReq Pro does would need to query PyPI, OSV.dev, and cross-reference all dependency metadata in real time. That costs ~$0.85 per scan in tokens with Claude Opus or GPT-4o. With Pro you pay $19 once and scan unlimited. After 23 scans you're already ahead — and a developer working on a real project hits that in a week.
Plus, AI has no access to your local environment and doesn't know about CVEs published last week. ScanReq Pro queries PyPI and OSV.dev live, every time.
Why Pro
Full CVE coverage
Free only checks exact versions (==). Pro detects your actual installed version via pip and scans everything — >=, ~=, ranges, unpinned.
Conflict detection
Knows when flask==2.0.0 breaks with werkzeug==3.0.0 before you ship. Cross-references requires_dist from PyPI for every package.
AI-ready reports
One click copies a structured prompt with CVEs, conflicts, and safe update recommendations. Paste into Claude or Copilot — done.
Safe update path
Don't guess which version to upgrade to. Pro tells you the exact version that fixes the CVE and doesn't break your other dependencies.
FAQ
Is this really a one-time payment?
Yes. You pay once and own the Pro license permanently. No subscription, no renewal. Future Pro features are included.
How do I activate Pro after payment?
After payment you'll receive a license token on the success page. In VS Code, open the Command Palette (Ctrl+Shift+P) and run "ScanReq: Activate Pro Plan". Enter your token and you're done.
Does it work without pip or npm installed?
Yes. The CVE scanning and registry checks work without any local tools for all ecosystems. For Pro features, pip is needed to auto-detect installed Python versions, and node_modules must exist for Node.js. For Go, having Go in PATH enables transitive conflict detection. If any tool is unavailable, ScanReq shows a clear notice inside the panel.
Can I use it on multiple machines?
The license is per developer, not per machine. You can activate it on your work and personal machines as long as it's the same developer.
What payment methods are accepted?
All major credit and debit cards via Stripe. Stripe handles the payment securely — ScanReq never sees your card details.