Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
Why do you think that https://github.com/linux-surface/linux-surface is a good alternative to packj