Spectra Assure
Community
Docs

Spectra Assure Community

Find the best building blocks for your next app.


Secure Open Source

Secure Open Source

Building secure software requires the best of Open Source.


Spectra Assure Community allows you to review the key aspects of software safety before including your next dependency.

Share Assessment Reports

Share Assessment Reports

Customers demand software transparency.


Go beyond sharing a simple SBOM. Demonstrate your commitment to building secure software. Share assessments, raise concerns, and triage issues together with your users. Cut the noise and prioritize what matters.

Secure Dev Toolchains

Secure Dev Toolchains

Building secure software relies on trustworthy development toolchains.


Spectra Assure Community allows you to trust the compilers, linkers, IDE plugins and CI/CD pipelines that you use to build apps.

Complete Approach to
Secure Software Supply Chains

Malicious attacks on public open source repositories are now as pervasive as developers' use of open source dependencies. Spectra Assure Community monitors open source packages to identify malware, code tampering and indicators of software supply chain attacks.

Quick guided tour

Learn how our reports helps you make the best choices for keeping your credentials, projects and end-users safe from malicious attacks.

5M+
Number of Packages
15k+
Malicious Packages
3k+
ReversingLabs Research



ANSI escape codes for styling strings in the terminal
latest
Version: 6.2.1Published: almost 2 years ago
pass
Everything is awesome!
chalk
Top 10
Terminal string styling done right
latest
Version: 5.3.0Published: about 1 year ago
pass
Everything is awesome!
debug
Top 10
Lightweight debugging utility for Node.js and the browser
latest
Version: 4.3.5Published: about 2 months ago
pass
Everything is awesome!
has-flag
Top 10
Check if argv has a specific flag
latest
Version: 5.0.1Published: about 3 years ago
pass
Everything is awesome!
ms
key project
Top 10
Tiny millisecond conversion utility
latest
Version: 2.1.3Published: over 3 years ago
pass
Everything is awesome!
semver
Top 10
The semantic version parser used by npm.
latest
Version: 7.6.3Published: 9 days ago
pass
Everything is awesome!
Generates and consumes source maps
latest
Version: 0.7.4Published: about 2 years ago
pass
Everything is awesome!
Strip ANSI escape codes from a string
latest
Version: 7.1.0Published: about 1 year ago
pass
Everything is awesome!
Detect whether a terminal supports color
latest
Version: 9.4.0Published: about 1 year ago
pass
Everything is awesome!
tslib
Top 10
Runtime library for TypeScript helper functions
latest
Version: 2.6.3Published: about 2 months ago
pass
Everything is awesome!

ReversingLabs Loves Open Source

ReversingLabs Threat Research team protects Open Source communities from threats hidden in the software supply chain. Using the Spectra Assure platform capabilities, our team helps with removing malicious code from package repositories. Threat intelligence found on this website is shared back with the Open Source community.

We contribute the lists of malicious packages we discover to the OSSF Malicious Packages Database.