Show HN: Beta Testing needed for my package Trustcheck
Category: security
Tags: security, supply-chain, python, pypi, provenance
Score: 7.3/10 (Innovation: 6, Technical: 7, Documentation: 9, Utility: 7)
Trustcheck is a Python package and CLI that evaluates the trust posture of PyPI releases by combining metadata, vulnerability records, provenance verification, and publisher identity checks into a single report. It's interesting because it addresses software supply chain security for Python packages in a comprehensive, automation-friendly way with clear policies and structured output.
Target audience: devops, backend devs, security engineers
Repository: https://github.com/Halfblood-Prince/trustcheck · Python · NOASSERTION · 13 stars