GitHub

DataDog/guarddog: GuardDog is a CLI tool to Identify malicious PyPI packages

GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages, Go modules, GitHub actions, or VSCode extensions. It runs a set of heuristics on the package source code (through ...
IEEE

Bad Snakes: Understanding and Improving Python Package Index Malware Scanning

Abstract: Open-source, community-driven package repositories see thousands of malware packages each year, but do not currently run automated malware detection systems. In this work, we explore the ...
GitHub

Apx (/à·peks/) is the default package manager in Vanilla OS. It is a wrapper around multiple package managers to install packages and run commands inside a managed container.

Special thanks to distrobox for making this possible.