Show HN: SafeInstall – local install-time guardrails for NPM/pnpm/bun
Category: devtools
Tags: security, supply-chain, cli, npm, package-manager
Score: 7.0/10 (Innovation: 7, Technical: 6, Documentation: 8, Utility: 7)
SafeInstall is a local-first CLI wrapper for npm/pnpm/bun that enforces install-time security policies before allowing package installations. It's interesting because it focuses on proactive supply-chain attack prevention—checking package age, scripts, typo-squatting, and cryptographic provenance—without requiring cloud services or accounts.
Target audience: backend devs, devops, security engineers
Repository: https://www.safeinstall.dev/ · TypeScript · MIT · 2 stars