Show HN: Mitigate against 0-day supply chain attacks with safe-NPM

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  • safe-npm

    safe npm time travel installs

  • safe-node

  • Hello there, I did this mainly to show that there exist some steps we can take today in order to mitigate some of the risks related to supply chain attacks that don't involve major rewrites. Another attempt I had done earlier was safe-node https://github.com/stagas/safe-node which does permission prompts for network and file access similarly to deno.

    These are not meant to be full solutions but rather proofs-of-concept and a nudge to get the discussion going into the direction of making the ecosystem safe again. Let me know what you think or if these are entirely the wrong approach and perhaps what else could we do? Cheers.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Related posts

  • safe-npm: Mitigate against 0-day supply chain attacks with safe-NPM

    1 project | /r/CKsTechNews | 25 Mar 2022
  • NPM Provenance Public Beta

    5 projects | news.ycombinator.com | 19 Apr 2023
  • any open source that checks security vulnerabilities in code?

    3 projects | /r/golang | 8 Mar 2023
  • Packj flags malicious/risky open-source packages

    1 project | news.ycombinator.com | 14 Feb 2023
  • Show HN: Coder Guard – Protect Your IDE from Malicious Extensions

    1 project | news.ycombinator.com | 26 Jan 2023