Recently, cases of code of varying degrees of danger being added to popular Open Source projects have become more frequent. This can pose a threat to people, and it also undermines the credibility of the Open Source community and of Open Source as such.
🔗 Web site | 💬 Telegram chat | 📧 E-mail
Records in the database: 351
At the moment, the most up-to-date list is on our website. The list in this repository is updated with a slight delay.
- Build isolation in containers, including for intermediate builds on developers' machines.
- Fork all libraries (if possible) and containers into your own repositories.
- Mirroring package repositories.
- Adding to CI at least a keyword search, a search for the Unicode characters that render as the Ukrainian flag, and a comparison of the list of files against a whitelist.
- Research on code analysis tools.
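
The CI check described in the list above, sketched as an added example (not code from this repository). The keyword list, the directory layout, the whitelist file format (one relative path per line) and the function names are assumptions made for illustration; the sample dependency tree is constructed.

```python
import sys
import tempfile
from pathlib import Path

# Regional indicator symbols U + A, which render as the Ukrainian flag.
FLAG_UA = "\U0001F1FA\U0001F1E6"
# Constructed sample keywords; replace with the list your team maintains.
KEYWORDS = ["stand with", "no war"]


def scan_tree(root, whitelist, keywords=KEYWORDS):
    """Return (relative_path, reason) findings for every file under root."""
    findings = []
    root = Path(root)
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        if rel not in whitelist:
            findings.append((rel, "file not in whitelist"))
        # Decode leniently so binary or mis-encoded files do not stop the scan.
        text = path.read_bytes().decode("utf-8", errors="replace")
        if FLAG_UA in text:
            findings.append((rel, "flag emoji"))
        lowered = text.lower()
        for kw in keywords:
            if kw.lower() in lowered:
                findings.append((rel, f"keyword: {kw}"))
    return findings


def demo():
    """Scan a constructed dependency tree containing one unexpected file."""
    with tempfile.TemporaryDirectory() as tmp:
        pkg = Path(tmp, "somelib")
        pkg.mkdir()
        (pkg / "index.js").write_text("module.exports = 1;\n", encoding="utf-8")
        (pkg / "README.md").write_text(f"We stand with {FLAG_UA}\n", encoding="utf-8")
        (pkg / "postinstall.js").write_text("// no war\n", encoding="utf-8")
        return scan_tree(tmp, {"somelib/index.js", "somelib/README.md"})


if __name__ == "__main__":
    # Assumed CI usage: scan.py <dependency_dir> <whitelist.txt>; no arguments runs the demo.
    if len(sys.argv) == 3:
        allowed = set(Path(sys.argv[2]).read_text(encoding="utf-8").splitlines())
        results = scan_tree(sys.argv[1], allowed)
    else:
        results = demo()
    for rel, reason in results:
        print(f"{rel}: {reason}")
    sys.exit(1 if results else 0)  # non-zero exit fails the CI job
```

A finding is a prompt for manual review of the dependency, not proof of malicious code; keyword hits in documentation are common.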
- Sending a report according to instructions
- You can write to our Telegram chat
- You can write to us at [email protected]
- Submit your pull request;
- Create an issue;
- Start a discussion.