It's true, we document how to debug Hipcheck!
Hipcheck exists to empower software devs to make informed OSS dependency choices, and we want to empower our users when something goes wrong too.
@hipcheck.mitre.org
Identify risky open source software dependencies. Extend data sources and analyses with plugins. Open source, built by MITRE, a not-for-profit. hipcheck.mitre.org github.com/mitre/hipcheck
Hipcheck 3.13.0 is here!
- Clearer reporting when we recommend "investigate" because of an "investigate-if-fail" policy.
- A new "hc explain target-triple" subcommand.
- Work toward supporting "multi-target" runs of Hipcheck based on files like go.mod, package-lock.json, or Cargo.lock
Announcing the Hipcheck Python Plugin SDK!
With this SDK, you can now easily create Hipcheck plugins in Python. This SDK is at full feature parity with the existing Rust SDK. Give it a try, and let us know what you think!
hipcheck.mitre.org/blog/python-...
On the new glibc minimum version, this is due to GitHub sunsetting support for Ubuntu 20.04 runners, and we've included a guide for still running new releases on Ubuntu 20.04 either by installing a newer glibc or building Hipcheck yourself.
18.03.2025 18:30
Hipcheck 3.12.0 is out!
- SemVer constraints for plugins
- New flag for "hc ready"
- New command to manage plugin cache
- Initial support for containerized plugins
- Improvements to plugin logging
- An experimental Python plugin SDK!
- New minimum glibc version
hipcheck.mitre.org/blog/hipchec...
Hipcheck 3.11.0 is out!
Featuring usability improvements like integrating plugins into the "hc ready" command, to be sure you're ready to run, better error reporting from plugins, improved JSON format final analysis reports, and more!
hipcheck.mitre.org/blog/hipchec...
Hipcheck offers levels of configurability to smoothly ramp up users from no-config out of the box to any level of flexibility you need!
Come learn about configuring default policies, setting custom policies, and creating your own analysis plugins!
hipcheck.mitre.org/blog/hipchec...
Last but not least, all of our first-party plugins have been upgraded to use the new SDK, so they *also* get the benefit of the query protocol improvements!
hipcheck.mitre.org/docs/guide/p...
We also released version 0.3.1 of the Rust SDK!
This includes support for the plugin protocol improvements, including new APIs for batching queries, plus a number of documentation and API structure improvements.
docs.rs/hipcheck-sdk...
Hipcheck 3.10.0 is out!
This release features:
- Improvements to the query protocol between Hipcheck and its plugins
- A new "env" macro for policy files
- The start of English-language policy explanations, and more!
hipcheck.mitre.org/blog/hipchec...
Hipcheck 3.9.1 is out, with fixes to our Containerfile, better support for specifying custom paths in policy files, and a refactor to improve target resolution!
hipcheck.mitre.org/blog/hipchec...
Hipcheck 3.8.0 is out! This release includes stable support for third-party plugins, plus improvements to the Rust plugin SDK.
hipcheck.mitre.org/blog/hipchec...
Hipcheck is written in Rust, and we have an SDK out today to make it easier to write plugins in Rust!
We'd love to partner with anyone who's interested in making a plugin!
docs.rs/hipcheck-sdk...
#rust #rustlang
Hello world!
Hipcheck is an open source project to empower maintainers to assess their dependencies.
Take 100s of dependencies down to a few that look concerning, based on your chosen plugins and configuration!
We don't force any policy; all defaults can be changed!
mitre.github.io/hipcheck/