Protect against malicious open source packages 🤖

Tool to check for dependency confusion vulnerabilities in multiple package management systems

Fixes music metadata and adds album art.

Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration

Continuous Delivery for automating package releases (npm, cookbooks, gems, pip, jars, etc)

CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.

A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.

PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers

Saves you from Python supply chain attack!

This project is a secure memory DB with AES encryption applied, based on a REST API. AES encryption is used to protect sensitive data by encrypting it, and the data is stored and processed in a secure environment.

Serve files from a GCP bucket

Automatically setup mirror URLs for various package managers

Implementation of a PyPi server in Golang.

Scalable All in One Registry server that handles Packages for NPM, PyPi, Docker/Containers

Fast, simple and cross-platform Python application packaging

a universal package manager

Terraform provider aimed at facilitating downloading Python requirements.

Go client for Warehouse / PyPI's API endpoints.

A tool to manage components in private repo