Secure the tools you `brew install`

A local data lake for open source package metadata

Sealed execution environment for GitHub Actions. Stop supply chain attacks dead in their tracks.

Detect large rooftop solar PV installations from Sentinel-2 imagery at country/state/province scale, and flag large buildings that have visible solar but no solar mapping in OSM

Combine many RSS feeds into one feed

The Cloud Native Application Proxy

Jekyll plugin that emits standard.site verification artifacts

standalone, Kubernetes-native Software Bill of Materials (SBOM) visualization and governance platform

A package manager for agent skills.

Examine a GH user's profile, to help quickly decide how much to invest in their contributions.

Every package has a version story — browse the version history of every Homebrew formula and cask.

Harden your package manager configs against supply chain attacks.

Solidity Package Manager written in rust and integrated into Foundry (forge soldeer ...)

Soldeer Crawler for dependencies

Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.

rsync in Go! implements client and server, which can send or receive files (upload, download, all directions supported)

Source code of the X-Road® data exchange layer software

CI and hosting for nix-based, flakified github repos

Pin your GitHub Actions. Prick holes in their supply chain security.

A manifest of JS modules and their more modern/active replacements

A composite GitHub Action that turns conventional commits into a draft release PR, tags the PR on merge, and stages publishing to npm via OIDC trusted publishing.

🐙 Unlimited access to github API

Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://ecl…

A tool to analyse your SBOM data at the organization level, graphing your entire ecosystem, not just by project

Common Vendor Excuse & Evasion Enumeration (CV3) - A taxonomy of vendor dismissal patterns for legitimate vulnerability reports

CLI proxy that reduces LLM token consumption by 60-90% on common dev commands. Single Rust binary, zero dependencies

OCI registry client - managing content like artifacts, images, packages