Repository History
Explore all analyzed open source repositories

Supply Chain Monitor: Automated Detection of Package Compromises
Supply Chain Monitor is a powerful tool by Elastic designed to automatically detect supply chain compromises in popular PyPI and npm packages. It polls registries for new releases, diffs each release against its predecessor, and uses an LLM via the Cursor Agent CLI to classify the changes as benign or malicious. Malicious findings trigger immediate Slack alerts, enhancing security for your software dependencies.

typed-ffmpeg: Type-Safe FFmpeg Bindings for Python and TypeScript
typed-ffmpeg offers a modern, type-safe interface to FFmpeg for both Python and TypeScript. It provides extensive support for complex filters with detailed typing, documentation, and features like JSON serialization of filter graphs and automatic FFmpeg validation. This project enhances functionality by addressing common limitations found in similar tools, ensuring a robust development experience.