Show HN: Beta Testing needed for my package Trustcheck
Category: security
Tags: security, package-management, supply-chain
Score: 7.3/10 (Innovation: 7, Technical: 7, Documentation: 8, Utility: 7)
Trustcheck is a Python package and CLI that evaluates the trust posture of PyPI releases by combining metadata, vulnerability records, provenance verification, and publisher identity checks into a single report. It's interesting because it addresses software supply chain security for Python packages in a practical, operator-focused way, automating checks that are typically manual or scattered across different tools.
Target audience: devops, backend devs, security engineers
Repository: https://github.com/Halfblood-Prince/trustcheck · Python · NOASSERTION · 2 stars