This product was not featured by Product Hunt yet.
It will not be visible on their landing page and won't be ranked (cannot win product of the day regardless of upvotes).


Dependency Guardian

Supply chain protection that blocks malware at install

Security

Hunted by mckeane mcbrearty

Static supply chain scanner catches npm & PyPI attack patterns CVE databases miss: install scripts, credential theft, child process spawning, network exfil. 100 detectors, sandbox routing for eligible packages, GitHub App + CLI. Free plan.

Top comment

I've been building a tool called Dependency Guardian, and I'm looking for developers and security engineers to try it out. I built it because I wanted protection from malicious npm and PyPI packages without changing how I work. When I went looking for something that already did this, I noticed traditional CVE-based scanning had a blind spot where it only catches problems after they've been reported and assigned a CVE, which leaves a window where a malicious package can spread before anyone flags it.

The tool sits in front of package installs and inspects everything that actually lands on your machine, analyzing packages for suspicious behavior and supply chain risk signals before they install.

A few things it does:

- Aliases to npm install and pip, so you keep using the commands you already know
- Returns a warn, block, or pass, and prompts on ambiguity
- Runs as both a GitHub App and a CLI

I'd really like feedback from engineers who work with Node, Python, or dependency security. What would stop you from trusting a tool like this? And what would make it useful enough to run every day?


About Dependency Guardian on Product Hunt


Dependency Guardian was submitted on Product Hunt and earned 4 upvotes and 1 comment, placing #130 on the daily leaderboard.

Dependency Guardian was featured in Security (2.7k followers) on Product Hunt. Together, these topics include over 4.8k products, making this a competitive space to launch in.

Who hunted Dependency Guardian?

Dependency Guardian was hunted by mckeane mcbrearty. A “hunter” on Product Hunt is the community member who submits a product to the platform, uploading the images, the link, and tagging the makers behind it. Hunters typically write the first comment explaining why a product is worth attention, and their followers are notified the moment they post. Around 79% of featured launches on Product Hunt are self-hunted by their makers, but a well-known hunter still acts as a signal of quality to the rest of the community.
