Protect against malicious open source packages 🤖

Tool to check for dependency confusion vulnerabilities in multiple package management systems

Fixes music metadata and adds album art.

Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration

Continuous Delivery for automating package releases (npm, cookbooks, gems, pip, jars, etc)

CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.

Fast, simple and cross-platform Python application packaging

A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.

PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers

Saves you from Python supply chain attack!

This project is a secure memory DB with AES encryption applied, based on a REST API. AES encryption is used to protect sensitive data by encrypting it, and the data is stored and processed in a secure environment.

Serve files from a GCP bucket

Caught you. — Runtime network surveillance for PyPI and npm packages.

Automatically setup mirror URLs for various package managers

Implementation of a PyPi server in Golang.

Fetch objective metrics for OSS repositories. Built for AI agents.

Scalable All in One Registry server that handles Packages for NPM, PyPi, Docker/Containers

Terraform provider aimed at facilitating downloading Python requirements.

a universal package manager

Package Go binaries as Python wheels