Secure Package Publishing Validator
A tool that integrates with package managers (such as npm) to enforce 2FA and staged publishing. It mitigates supply chain attacks by requiring human approval before package releases, building on the principles of 2FA-gated publishing and package install controls.
MVP estimate: 250h
Viability grade: 8.1
Technology stack: Rust, PostgreSQL
Difficult
Inspired by: npm Adds 2FA and Package Controls Against Supply Chain Attacks