Security●Mid
Pqurp – Quarantine Window for Packages to Prevent Supply Chain Attacks
Speculative protocol for package quarantine without a reference implementation or registry buy-in.
Bold Bet
exec7
501mo ago
Back to browse
ReARM – Release-Level Supply Chain Evidence Platform
by taleodor·Feb 18, 2026·3 points·0 comments
AI Analysis
●●SolidNiche GemSlick
The Take
ReARM zeroes in on a gritty, enterprise problem: per-release evidence, automated changelogs, and 10+ year retention with product-level bundling and approval workflows. Integrations with Dependency-Track and OWASP TEx are smart moves, but the offering reads like a sensible commercial UX layer on top of existing provenance tools rather than a technical breakthrough.
Category
Target Audience
Security and supply-chain teams, compliance officers, DevOps/release engineers managing SBOMs and audit evidence
Similar Projects
Security●●●Banger
CI/lock – supply-chain attestation CLI, from the Witness creators
From Witness/in-toto creators, keyless attestation blocks poisoned CI runs.
Big BrainZero to One
colek42
106d ago
Security●●Solid
Scanner to check if you are affected by the axios supply chain attack
Forensic triage CLI with verdict system for axios IOC detection.
Solve My ProblemShip It
aeneas_ory
202mo ago
Security●●Solid
I built a tamper-evident evidence system for AI agents
Clever hash-chain audit trail for AI reproducibility, but demo-only with unclear adoption.
Big BrainWizardry
Slaine
223mo ago
Security●Mid
Lateos/NPM-scan – open-source NPM supply chain scanner, v0.18.3
NPM supply chain scanner competing against Socket, Snyk, and npm audit.
Ship It
lateos-ai
1013d ago
AI/ML●●Solid
Comb – Zero-dependency, hash-chained conversation memory for AI agents
COMB keeps every word—append-only daily JSONL staging rolled into a hash-chained ChainArchive with three-directional links so memories are portable and tamper-evident. It’s a smart, low-friction trade: you get perfect fidelity and easy copying at the cost of storage growth and no built-in semantic search, so expect to plug in a custom search backend for retrieval.
Big BrainNiche Gem
artifactvirtual
203mo ago