Show HN: Package Proxy
Category: security
Tags: supply-chain-security, cloudflare-worker, package-manager-proxy
Score: 6.5/10 (Innovation: 5, Technical: 6, Documentation: 8, Utility: 7)
Package Proxy is a Cloudflare Worker that acts as a transparent proxy between developers and public package registries (npm, PyPI, Cargo). It enforces security rules such as a minimum package age, blocks yanked releases and releases whose publisher has changed, and logs to a D1 database for observability. It offers a lightweight, deployable supply-chain safety mechanism without requiring client-side software.
Target audience: devops, security engineers, backend devs
Repository: https://packageproxy.dev/ · TypeScript · MIT · 4 stars