Package Hunter: A tool for detecting malicious code in your dependencies

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  • Interesting thought from https://twitter.com/d_scho/status/1419752750351540231

    > Isn't dependabot doing the same, basically?

    with a response in the thread at https://twitter.com/solidnerd/status/1420307219745230850

    > Dependabot / renovate only check for version updates of your program deps. Package Hunter analyzes a program's deps for unexpected behavior (mal code) by installing the dependencies in a sandbox env and monitoring system calls executed during the installation.

    Package Hunter requires Falco, Docker and NodeJS to run, following the instructions at https://gitlab.com/gitlab-org/security-products/package-hunt... - give it a try :)
