Directories
¶
| Path | Synopsis |
|---|---|
|
adapters
|
|
|
engines
|
|
|
integrity
Package integrity validates checksum and integrity metadata in lockfiles.
|
Package integrity validates checksum and integrity metadata in lockfiles. |
|
topology
Package topology computes lockfile-structure risk signals.
|
Package topology computes lockfile-structure risk signals. |
|
versiondiff
Package versiondiff compares lockfile states to compute per-package risk deltas.
|
Package versiondiff compares lockfile states to compute per-package risk deltas. |
|
Package interproc provides interprocedural analysis capabilities for context-sensitive call graph analysis and taint tracking.
|
Package interproc provides interprocedural analysis capabilities for context-sensitive call graph analysis and taint tracking. |
|
Package priority computes composite risk scores combining capability, reachability, CVE, and taint analysis signals.
|
Package priority computes composite risk scores combining capability, reachability, CVE, and taint analysis signals. |
|
Package taint identifies packages that act as source→sink conduits — the highest-signal supply-chain finding: capabilities that both receive untrusted input and perform a dangerous operation.
|
Package taint identifies packages that act as source→sink conduits — the highest-signal supply-chain finding: capabilities that both receive untrusted input and perform a dangerous operation. |
Click to show internal directories.
Click to hide internal directories.