Hacker News
by me_vinayakakv 537 days ago
https://socket.dev/ does a good job of detecting malicious packages in npm.

In their FAQ[1], they mention that they have plans to expand to PyPI as well.

[1]: https://docs.socket.dev/docs/faq