Skip to content
@phylum-dev

Phylum

Phylum identifies risks and supply chain attacks in open-source package registries and provides developers with the tools to protect themselves.

Phylum ⦾ The Software Supply Chain Security Company

Phylum scans packages in open-source repositories, identifying threats, risks and supply chain attacks. We build tools to help developers and the organizations they work for block attacks, malware, and vulnerabilities from entering their software development lifecycle.

😄 Sign-up for a free Phylum account and start identifying and blocking risks in your software projects.

🔧 Open-Source Projects

The Phylum CLI provides direct access to the Phylum platform. Create and submit project lockfiles/manifest files (e.g., package-lock.json, requirements.txt, etc.)

Birdcage (Cross-platform Execution Sandbox)

A cross-platform sandbox used in the Phylum CLI to provide a locked down environment for package installation.

🌐 Find Us Online

🧟‍♂️ 2023: Softare Supply Chain Attack Reporting

We have successfully identified numerous supply chain attacks. So far in 2023 we've reported on:

Pinned Loading

  1. cli cli Public

    Command line interface for the Phylum API

    Rust 103 11

  2. phylum-analyze-pr-action phylum-analyze-pr-action Public

    GitHub Action to analyze Pull Requests for open-source supply chain issues

    15 2

  3. birdcage birdcage Public

    Cross-platform embeddable sandboxing

    Rust 179 6

  4. install-phylum-latest-action install-phylum-latest-action Public archive

    GitHub Action to install phylum CLI tool

    1

  5. community-extensions community-extensions Public

    A collection of community extensions for the Phylum CLI

    TypeScript 1 1

  6. phylum-ci phylum-ci Public

    Python package for handling CI and other integrations

    Python 10 1

Repositories

Showing 10 of 26 repositories
  • documentation Public

    Documentation for the Phylum products

    phylum-dev/documentation’s past year of commit activity
    JavaScript 1 1 10 1 Updated Nov 18, 2024
  • phylum-ci Public

    Python package for handling CI and other integrations

    phylum-dev/phylum-ci’s past year of commit activity
    Python 10 GPL-3.0 1 9 2 Updated Nov 18, 2024
  • cli Public

    Command line interface for the Phylum API

    phylum-dev/cli’s past year of commit activity
    Rust 103 GPL-3.0 11 28 (1 issue needs help) 0 Updated Nov 18, 2024
  • birdcage Public

    Cross-platform embeddable sandboxing

    phylum-dev/birdcage’s past year of commit activity
    Rust 179 GPL-3.0 6 2 1 Updated Nov 14, 2024
  • community-extensions Public

    A collection of community extensions for the Phylum CLI

    phylum-dev/community-extensions’s past year of commit activity
    TypeScript 1 GPL-3.0 1 2 0 Updated Nov 13, 2024
  • phylum-analyze-pr-action Public

    GitHub Action to analyze Pull Requests for open-source supply chain issues

    phylum-dev/phylum-analyze-pr-action’s past year of commit activity
    15 GPL-3.0 2 0 0 Updated Nov 7, 2024
  • phylum-types Public

    Public shared types for the phylum api and cli

    phylum-dev/phylum-types’s past year of commit activity
    Rust 0 MIT 1 3 1 Updated Sep 24, 2024
  • vuln-reach Public

    A library for building tools to determine if vulnerabilities are reachable in a code base.

    phylum-dev/vuln-reach’s past year of commit activity
    Rust 12 Apache-2.0 1 20 0 Updated Aug 8, 2024
  • policy Public
    phylum-dev/policy’s past year of commit activity
    Open Policy Agent 1 GPL-3.0 0 0 1 Updated Jul 29, 2024
  • purl-survey Public

    Package URL implementation test harness

    phylum-dev/purl-survey’s past year of commit activity
    Python 4 0 0 0 Updated May 17, 2024

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…