awesome-repositories.com
博客
awesome-repositories.com

通过 AI 驱动的搜索,发现最优秀的开源仓库。

探索精选搜索开源替代品自托管软件博客网站地图
项目关于排名机制媒体报道MCP 服务器
法律隐私政策服务条款
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

5 个仓库

Awesome GitHub RepositoriesPackage Security

Auditing and verification of package manager dependencies.

Distinguishing note: Focuses on package manager-specific auditing.

Explore 5 awesome GitHub repositories matching devops & infrastructure · Package Security. Refine with filters or upvote what's useful.

Awesome Package Security GitHub Repositories

用 AI 发现最棒的仓库。我们将通过 AI 为您搜索最匹配的仓库。
  • owasp/cheatsheetseriesOWASP 的头像

    OWASP/CheatSheetSeries

    32,298在 GitHub 上查看↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    Audits third-party dependencies to prevent the inclusion of malicious code.

    Pythonapplication-securityappsecbest-practices
    在 GitHub 上查看↗32,298
  • mason-org/mason.nvimmason-org 的头像

    mason-org/mason.nvim

    10,339在 GitHub 上查看↗

    mason.nvim is an external tool orchestrator and package manager for Neovim. It automates the installation and lifecycle management of language servers, debuggers, and formatters by acting as a client for remote tooling registries. The project functions as a security-focused installer, utilizing a security firewall to scan and block the installation of compromised or malicious packages. It synchronizes local metadata with remote registries to discover and update available development software. The system handles the full lifecycle of external binaries, including downloading, versioning, and r

    Features a security firewall that intercepts and blocks the download of packages flagged as malicious.

    Lualuamasonneovim
    在 GitHub 上查看↗10,339
  • crytic/slithercrytic 的头像

    crytic/slither

    6,141在 GitHub 上查看↗

    Scans pickle files using an allowlist approach to block malicious payloads that could compromise models or infrastructure.

    Pythonethereumsoliditystatic-analysis
    在 GitHub 上查看↗6,141
  • rstudio/rstudiorstudio 的头像

    rstudio/rstudio

    4,952在 GitHub 上查看↗

    RStudio is a specialized integrated development environment for the R programming language and statistical computing. It provides a workbench for writing, debugging, and executing R code, offering both a desktop application and a server-hosted collaborative platform for managing data science projects. The platform enables the creation of interactive data applications, AI-powered dashboards, and technical reports. It facilitates the sharing of analysis results through a centralized publishing platform and supports the rendering of notebooks and markdown into multiple file formats. The environ

    Curates repositories and enforces security policies through vulnerability reports and blocking rules for dependencies.

    Java
    在 GitHub 上查看↗4,952
  • bodadotsh/npm-security-best-practicesbodadotsh 的头像

    bodadotsh/npm-security-best-practices

    761在 GitHub 上查看↗

    This project provides a comprehensive guide for securing the software supply chain within Node.js and npm environments. It focuses on hardening the entire lifecycle of third-party dependencies and package publishing processes to protect applications from malicious code injection and unauthorized registry modifications. The guide distinguishes itself by emphasizing identity-based authentication and cryptographic provenance to verify the origin of distributed artifacts. It advocates for strict governance policies, such as enforcing minimum release ages for dependencies and disabling automatic l

    Provides comprehensive configuration settings to harden package manager security and mitigate supply-chain risks.

    awesomedenojavascript
    在 GitHub 上查看↗761
  1. Home
  2. DevOps & Infrastructure
  3. Package Security

探索子标签

  • Malicious Package Interceptors2 个子标签Systems that scan and block the download of packages flagged for known malicious behavior during installation. **Distinct from Package Security:** Distinct from Package Security: focuses on real-time interception of malicious files rather than general auditing.