Stacklok Insight is a free-to-use web app that provides data and scoring on the supply chain risk for open source packages.
The latest news, tips, and ideas about open source and supply chain security.
We are excited to announce a new open source project: CodeGate, a single Docker container that a developer can install locally to protect their privacy and their code while using AI coding assistants and LLMs.
The open source community is a rich source of innovation and has developed a number of powerful security tools. Minder makes it easier to integrate and utilize these tools for organizations that want a platform for open source security. We're excited that Minder has been adopted into the OpenSSF sandbox.
Profile selectors, now available in Minder, enable you to customize how profiles are applied to your software supply chain. With selectors, you can apply the right rules to the right resources to increase compliance flexibility and reduce alert fatigue.