supply-chain-guard
v5.2.29 · npm · JavaScript
Open-source supply-chain security scanner for npm, PyPI, Cargo, Go, Docker, VS Code extensions, GitHub Actions, IaC and Solana C2. Detects GlassWorm, Shai-Hulud, PPE attacks, dependency confusion and 120+ malware indicators. Generates CycloneDX 1.6 SBOMs.
The verdict
Maintained. Actively maintained.
Live from the npm registry · derived rules, not AI
How it scores
- Maintenance: Healthy
- Popularity: Unknown
- Security: Clean
- License: Permissive
- Deps: Lean
Maintenance
Last published this month.
Popularity
Download count unavailable.
Security
No known advisories for this version (OSV).
License
Apache-2.0
Dependencies
1 direct dependency
Recent releases
- 5.2.29: this month
- 5.2.28: this month
- 5.2.27: this month
- 5.2.26: this month
- 5.2.25: this month
- 5.2.24: this month
- 5.2.23: this month
- 5.2.22: this month