Skip to content
@phylum-dev

Phylum

Phylum identifies risks and supply chain attacks in open-source package registries and provides developers with the tools to protect themselves.

Phylum ⦾ The Software Supply Chain Security Company

Phylum scans packages in open-source repositories, identifying threats, risks and supply chain attacks. We build tools to help developers and the organizations they work for block attacks, malware, and vulnerabilities from entering their software development lifecycle.

😄 Sign-up for a free Phylum account and start identifying and blocking risks in your software projects.

🔧 Open-Source Projects

The Phylum CLI provides direct access to the Phylum platform. Create and submit project lockfiles/manifest files (e.g., package-lock.json, requirements.txt, etc.)

Birdcage (Cross-platform Execution Sandbox)

A cross-platform sandbox used in the Phylum CLI to provide a locked down environment for package installation.

🌐 Find Us Online

🧟‍♂️ 2023: Softare Supply Chain Attack Reporting

We have successfully identified numerous supply chain attacks. So far in 2023 we've reported on:

Pinned Loading

  1. cli cli Public

    Command line interface for the Phylum API

    Rust 103 11

  2. phylum-analyze-pr-action phylum-analyze-pr-action Public

    GitHub Action to analyze Pull Requests for open-source supply chain issues

    15 2

  3. birdcage birdcage Public

    Cross-platform embeddable sandboxing

    Rust 180 7

  4. install-phylum-latest-action install-phylum-latest-action Public archive

    GitHub Action to install phylum CLI tool

    1

  5. community-extensions community-extensions Public

    A collection of community extensions for the Phylum CLI

    TypeScript 1 1

  6. phylum-ci phylum-ci Public

    Python package for handling CI and other integrations

    Python 10 1

Repositories

Showing 10 of 26 repositories
  • documentation Public

    Documentation for the Phylum products

    phylum-dev/documentation’s past year of commit activity
    JavaScript 1 1 12 1 Updated Dec 20, 2024
  • cli Public

    Command line interface for the Phylum API

    phylum-dev/cli’s past year of commit activity
    Rust 103 GPL-3.0 11 29 (1 issue needs help) 0 Updated Dec 20, 2024
  • phylum-analyze-pr-action Public

    GitHub Action to analyze Pull Requests for open-source supply chain issues

    phylum-dev/phylum-analyze-pr-action’s past year of commit activity
    15 GPL-3.0 2 0 0 Updated Dec 19, 2024
  • phylum-types Public

    Public shared types for the phylum api and cli

    phylum-dev/phylum-types’s past year of commit activity
    Rust 0 MIT 1 2 1 Updated Dec 19, 2024
  • purl Public

    Package URL implementation for Rust

    phylum-dev/purl’s past year of commit activity
    Rust 11 MIT 0 0 0 Updated Dec 17, 2024
  • phylum-ci Public

    Python package for handling CI and other integrations

    phylum-dev/phylum-ci’s past year of commit activity
    Python 10 GPL-3.0 1 9 1 Updated Dec 16, 2024
  • birdcage Public

    Cross-platform embeddable sandboxing

    phylum-dev/birdcage’s past year of commit activity
    Rust 180 GPL-3.0 7 2 1 Updated Nov 14, 2024
  • community-extensions Public

    A collection of community extensions for the Phylum CLI

    phylum-dev/community-extensions’s past year of commit activity
    TypeScript 1 GPL-3.0 1 2 0 Updated Nov 13, 2024
  • vuln-reach Public

    A library for building tools to determine if vulnerabilities are reachable in a code base.

    phylum-dev/vuln-reach’s past year of commit activity
    Rust 12 Apache-2.0 1 20 0 Updated Aug 8, 2024
  • policy Public
    phylum-dev/policy’s past year of commit activity
    Open Policy Agent 1 GPL-3.0 0 0 1 Updated Jul 29, 2024

People

This organization has no public members. You must be a member to see who’s a part of this organization.

Top languages

Loading…

Most used topics

Loading…