-
GlobalProtect-openconnect
A GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, Yubikey, etc.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Sometimes you may want to use some software in your project, but the maintainer(s) may have some functional affiliation(s) that makes it difficult to use without significant security assessment effort.
Example here: GlobalProtect is VPN software from Palo Alto Networks, but the maintainer of this open source client is based in China. He may be a fine, upstanding person, the code may be pristine, but there's systemic risk that needs to be bought down.
What are your tools of choice to assess something like this?
https://github.com/yuezk/GlobalProtect-openconnect
Be careful you're not using an illicit fork. https://gitlab.com/openconnect/openconnect