sip (Safe Install Proxy) is a secure, cross-language CLI tool for safely installing packages from curated, verified registries. It wraps native package managers like pip, cargo, and go to prevent supply chain attacks.
```bash
git clone [email protected]:exekis/sip.git # or replace with https
cd sip
cargo build
cargo install --path .

sip install requests --lang python
```

- Have a community maintained repo of trusted packages and libraries, with a safety score
- Trusted packages repo, containing verified packages (verified users can vote for safe packages, this increases the trust score)
- `sip` stops and warns the users before installing any unverified packages
- Prevent typosquatting
- Support Python, Rust, Go, and more
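
The stop-and-warn and typosquatting checks listed above could be gated as in the following sketch. This is an added Rust example, not sip's own code: the `Verdict` type, the `check` function, the edit-distance threshold of 2, and the registry contents and scores are all assumptions made for illustration.

```rust
use std::collections::HashMap;
#[derive(Debug, PartialEq)]
enum Verdict {
    Trusted(u32),              // in the curated registry, with its trust score
    PossibleTyposquat(String), // close to a trusted name: likely a typo or a squat
    Unverified,                // unknown name: stop and warn before installing
}

// Levenshtein edit distance using a single rolling row.
fn edit_distance(a: &str, b: &str) -> usize {
    let b: Vec<char> = b.chars().collect();
    let mut row: Vec<usize> = (0..=b.len()).collect();
    for (i, ca) in a.chars().enumerate() {
        let mut prev = row[0]; // diagonal cell from the previous row
        row[0] = i + 1;
        for (j, cb) in b.iter().enumerate() {
            let cost = if ca == *cb { 0 } else { 1 };
            let next = (prev + cost).min(row[j] + 1).min(row[j + 1] + 1);
            prev = row[j + 1];
            row[j + 1] = next;
        }
    }
    row[b.len()]
}

// Assumed policy: exact match is trusted; a name within 2 edits of a trusted
// one is flagged (very short names would need a tighter threshold).
fn check(name: &str, registry: &HashMap<&str, u32>) -> Verdict {
    let name = name.to_lowercase();
    if let Some(score) = registry.get(name.as_str()) {
        return Verdict::Trusted(*score);
    }
    registry.keys()
        .map(|k| (edit_distance(&name, k), *k))
        .filter(|(d, _)| *d <= 2)
        .min() // closest trusted name; ties broken by name for determinism
        .map(|(_, k)| Verdict::PossibleTyposquat(k.to_string()))
        .unwrap_or(Verdict::Unverified)
}

// Constructed sample registry: package name -> trust score (hypothetical values).
fn sample_registry() -> HashMap<&'static str, u32> {
    HashMap::from([("requests", 97), ("numpy", 95), ("serde", 96)])
}

fn main() {
    for name in ["requests", "reqeusts", "left-pad-ng"] {
        println!("{name}: {:?}", check(name, &sample_registry()));
    }
}
```

A wrapper would hand off to the native package manager only on `Trusted`, and stop with a warning on the other two verdicts.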
MVP bootstrap in progress.