ossf/malicious-packages
Go | Apache-2.0 | active
Health
A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.
Health Breakdown
Activity: 25
Community: 13
Maintenance: 14
Popularity: 25
Should you contribute to ossf/malicious-packages?
ossf/malicious-packages has a FoundDev health score of 77/100, which puts it in the active-and-maintained tier. The maintainer team is shipping recently, issues are being closed, and a PR you open this week has a realistic chance of being reviewed.
Last push was 3 days ago — that signals an actively maintained project. New issues are likely to get a maintainer response within days. The project is written primarily in Go, so prior Go experience will shorten ramp-up.
Licensed under Apache-2.0, a standard OSI-approved license — safe to contribute to under normal employer IP policies.