javascript-clients
Javascript clients for swagger API (by RedHatInsights)
pgpverify-maven-plugin
Verify Open PGP / GPG signatures plugin (by s4u)
| javascript-clients | pgpverify-maven-plugin | |
|---|---|---|
| 5 | 1 | |
| 4 | 53 | |
| - | - | |
| - | - | |
| 16 days ago | 16 days ago | |
| TypeScript | Java | |
| Apache License 2.0 | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
javascript-clients
Posts with mentions or reviews of javascript-clients.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2026-06-01.
-
Red Hat packages backdoored through its official NPM channel
List of affected packages: https://github.com/RedHatInsights/javascript-clients/issues/...
- npm Supply Chain Attacks, Pixel/Exynos Zero-Days, and Instagram Account Takeovers
- 31 paquetes npm de Red Hat comprometidos roban credenciales de nube
-
NPM packages from RedHat have been compromised
This repository itself had to previously update from the axios supply chain attack [0] (co-authored by Claude lol). But just by looking at the change itself, the package is unpinned and won't solve the problem if it happens again as a illegitimate "security update".
So if you have an unpinned version of this package and you run 'npm install', you immediately downloaded the compromised version and that's that.
[0] https://github.com/RedHatInsights/javascript-clients/commit/...
pgpverify-maven-plugin
Posts with mentions or reviews of pgpverify-maven-plugin.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2026-06-01.
-
NPM packages from RedHat have been compromised
https://github.com/s4u/pgpverify-maven-plugin
If you want paranoid mode, you can verify literally every part of the maven build process.
What are some alternatives?
When comparing javascript-clients and pgpverify-maven-plugin you can also consider the following projects:
platform-frontend-ai-toolkit - A set of helpful coding AI tooling for frontend development
package-manager-hardening - A non-exhaustive list of package manager hardening recommendations to help prevent supply chain vulnerability attacks. Includes AGENTS.md files and skills to enforce these recommendations.
rfcs - Public change requests/proposals & ideation