software-supply-chain-compromises
A dataset of software supply chain compromises. Please help us maintain it! (by IQTLabs)
pypi_malware
PyPI malware packages (by rsc-dev)
| software-supply-chain-compromises | pypi_malware |
|---|---|
| 2 | 1 |
| 106 | 52 |
| - | - |
| 4.6 | 10.0 |
| over 1 year ago | over 5 years ago |
| Python | |
| Creative Commons Zero v1.0 Universal | The Unlicense |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user-suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
software-supply-chain-compromises
Posts with mentions or reviews of software-supply-chain-compromises.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-06-26.
- PyPI: Python packets steal AWS keys from users
Sure. Please email me (in profile) for the list. You can also look at the following resources for malware samples:
1. https://github.com/IQTLabs/software-supply-chain-compromises
- Counting Broken Links: A Quant's View of Software Supply Chain Security
The third author made available "Software Supply Chain Compromises - A Living Dataset" here: https://github.com/IQTLabs/software-supply-chain-compromises
pypi_malware
Posts with mentions or reviews of pypi_malware.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-06-26.
What are some alternatives?
When comparing software-supply-chain-compromises and pypi_malware you can also consider the following projects:
maloss - Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
dockerify - Run any CLI command in a docker container
packj - Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
firejail - Linux namespaces and seccomp-bpf sandbox