Hipcheck ✅
@hipcheck.mitre.org
Identify risky software dependencies. All based on plugins, configure them how you want. Open source, built by MITRE, a not-for-profit.

✅ hipcheck.mitre.org
💻 github.com/mitre/hipcheck
Hipcheck 3.13.0 is here! 🎉

✅ Clearer reporting when we recommend "investigate" because of an "investigate-if-fail" policy.
✅ A new "hc explain target-triple" subcommand.
✅ Work toward supporting "multi-target" runs of Hipcheck based on files like go.mod, package-lock.json, or Cargo.lock
Hipcheck 3.13.0 Release
Helping maintainers assess software packages for long-term risk.
hipcheck.mitre.org
April 11, 2025 at 6:57 PM
Announcing the Hipcheck Python Plugin SDK!

With this SDK, you can now easily create Hipcheck plugins in Python. This SDK is at full feature parity with the existing Rust SDK. Give it a try, and let us know what you think!

hipcheck.mitre.org/blog/python-...
Python Plugin SDK Initial Release
April 11, 2025 at 6:53 PM
Hipcheck 3.12.0 is out! 🎉

✅ SemVer constraints for plugins
✅ New flag for "hc ready"
✅ New command to manage plugin cache
✅ Initial support for containerized plugins
✅ Improvements to plugin logging
🧪 An experimental Python plugin SDK!
⚠️ New minimum glibc version

hipcheck.mitre.org/blog/hipchec...
Hipcheck 3.12.0 Release
March 18, 2025 at 6:28 PM
Hipcheck 3.11.0 is out! 🎉

Featuring usability improvements like integrating plugins into the "hc ready" command, to be sure you're ready to run, better error reporting from plugins, improved JSON format final analysis reports, and more!

hipcheck.mitre.org/blog/hipchec...
Hipcheck 3.11.0 Release
February 26, 2025 at 7:21 PM
Hipcheck offers levels of configurability to smoothly ramp up users from no-config out of the box to any level of flexibility you need!

Come learn about configuring default policies, setting custom policies, and creating your own analysis plugins!

hipcheck.mitre.org/blog/hipchec...
Hipcheck's Ramp of Maximum Configurability
February 12, 2025 at 10:21 PM
Hipcheck 3.10.0 is out! 🎉

This release features:

✅ Improvements to the query protocol between Hipcheck and its plugins
✅ A new "env" macro for policy files
✅ The start of English-language policy explanations, and more!

hipcheck.mitre.org/blog/hipchec...
Hipcheck 3.10.0 Release
February 1, 2025 at 12:06 AM
Hipcheck 3.9.1 is out, with fixes to our Containerfile, better support for specifying custom paths in policy files, and a refactor to improve target resolution!

hipcheck.mitre.org/blog/hipchec...
Hipcheck 3.9.1 Release
January 9, 2025 at 3:07 PM
Hipcheck 3.8.0 is out! 🎉 This release includes stable support for third-party plugins, plus improvements to the Rust plugin SDK.

hipcheck.mitre.org/blog/hipchec...
Hipcheck 3.8.0 Release
December 12, 2024 at 9:43 PM
Hello world!

Hipcheck is an open source project to empower maintainers to assess their dependencies.

Take 100s of dependencies down to a few that look concerning, based on your chosen plugins and configuration!

We don't force any policy; all defaults can be changed!

mitre.github.io/hipcheck/
October 23, 2024 at 6:59 PM