Packj stops ⚡ SolarWinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain.
Add more rules to .packj.yaml and a code placeholder for additional upcoming checks.
Add support to dump version info as per the feature request: https://github.com/ossillate-inc/packj/issues/27
This release
Rename config to '.packj.yaml' for consistent usage across PyPI package, Docker instance, and GitHub runner.
Modify code to accept '.packj.yaml' for customizing alerts
List dependencies in setup.py file using requires_dist
Rename 'packj.yaml' in MANIFEST.in to 'config.yaml' to reflect the current filename.