
Use GitHub Actions to monitor your web apps for free

I don't see a lot of discussion or awareness around software supply chain in the indie hacker community. I have a security background, so maybe I am a little biased in thinking there should be more awareness.

There have been a number of cases where someone compromised a widely used package that was then included as a dependency in many people's downstream projects/products. This is an appealing target for hackers because they can exploit a package once and potentially affect a large number of victims if the package is widely used. This has happened recently in Python, Ruby, and JavaScript packages as well as Docker images.

Anyway, I've built some tools I use to track 3rd party software risk in apps I develop. I cleaned them up and packaged them as an open-source tool for anyone interested in learning more or using it themselves. It runs in your own GitHub account using GitHub Actions for automation.

https://driftbot.io/

Hopefully some folks find it useful.

  1. 2

    This is pretty cool (your website looks nice as well!) and useful. I think you went the right path by going open source.

  2. 1

    Thanks for the advice here! Have been curious about poking around GitHub more these days...
