Software supply chain attacks are the fastest-growing threat vector in the industry (event-stream, ua-parser-js, PyPI malware campaigns, Shai-Hulud worm). As AI agents lower the barrier to development, more and more code is getting shipped by people who are unaware of where their dependencies are coming from.
The existing solutions are either “trust everything” or “buy an enterprise platform.” There wasn't a simple, self-hosted, open-source middle ground until now.
It's a transparent, locally-hosted proxy that sits between your package managers (pip, npm, maven) and the public registries. Every package request is evaluated against policy rules before it ever reaches your machine or CI pipeline.
Out of the box it blocks:
Packages published less than 7 days ago (the primary attack window)
Typosquatted packages via Levenshtein distance detection
Packages with install scripts (postinstall, binding.gyp)
Pre-release and SNAPSHOT versions in production
Explicitly denied packages (customize your own deny list)
Velocity anomalies and suspicious version patterns
No database, UI, or vendor lock-in — simply one Go binary and a configurable YAML file.
The rule engine is readable, auditable, and fully customizable.
It ships with best-practices configs for npm, PyPI, and Maven, Docker images, Kubernetes manifests, and a 90-test Docker E2E suite.
Bulwark is meant for real-world use in development environments and CI pipelines, especially for teams that want supply chain protections without adopting a full enterprise platform.
It can be deployed independently or integrated into existing supply chain security systems.
More package support (cargo, cocoapods, rubygems) is coming soon. I’ll be actively maintaining the project, so contributions and feedback are welcome — give it a star if you find it useful!
Bluewaves54•1h ago
It's a transparent, locally-hosted proxy that sits between your package managers (pip, npm, maven) and the public registries. Every package request is evaluated against policy rules before it ever reaches your machine or CI pipeline. Out of the box it blocks: Packages published less than 7 days ago (the primary attack window) Typosquatted packages via Levenshtein distance detection Packages with install scripts (postinstall, binding.gyp) Pre-release and SNAPSHOT versions in production Explicitly denied packages (customize your own deny list) Velocity anomalies and suspicious version patterns No database, UI, or vendor lock-in — simply one Go binary and a configurable YAML file. The rule engine is readable, auditable, and fully customizable. It ships with best-practices configs for npm, PyPI, and Maven, Docker images, Kubernetes manifests, and a 90-test Docker E2E suite.
Bulwark is meant for real-world use in development environments and CI pipelines, especially for teams that want supply chain protections without adopting a full enterprise platform. It can be deployed independently or integrated into existing supply chain security systems.
More package support (cargo, cocoapods, rubygems) is coming soon. I’ll be actively maintaining the project, so contributions and feedback are welcome — give it a star if you find it useful!