JSPM

Library to serialize/deserialize CycloneDX BOM with protocol buffers

Opinionated dependency linter for your git/github dependencies

DeFarm SDK - Git for traceability with multi-role permissions and global item discovery for agriculture supply chain

Enterprise-grade Node.js library for the EU Deforestation Regulation (EUDR) TRACES system. It provides seamless integration for submitting, amending, retrieving, and managing Due Diligence Statements (DDS) with support for both V1 and V2 APIs.

ESLint plugin to detect vulnerable javascript packages & methods

A fast implementation of graph data structure

N8N nodes for Orderful EDI platform integration

This package was claimed by a security researcher to prevent supply chain attacks.

Easy auditing & sandboxing for your JavaScript dependencies 🪱

Simple supply chain POC utility package

Simple supply chain POC utility package

The panel-data npm package provides a PanelData object designed to store and manage panel-data formatted data. It supports efficient manipulation and analysis of time-series cross-sectional datasets, commonly used in supply chain management, logistics, an

Sign and verify npm packages using Sigstore

A tool to analyze suspicious npm packages for security vulnerabilities and generate GitHub Copilot templates

POC of a package that changes licenses across patch versions

Lab/Example - Link to the KubeCon CloudNativeCon NA 2024

A Bun security scanner that integrates with Socket.dev for package vulnerability detection

This package is reserved to prevent supply chain attacks.

Bluefire Redteam scanner for Nx 's1ngularity' supply-chain compromise (malicious versions, IoCs, exfil).