Hello all,

Very excited to share a tool I've been working on and explore its feasibility with the community.

Customs Inspector hooks into Poetry's package management system to allow for manual auditing of package changes during updates. It opens a browser with a diff view of the changes for you to manually audit.

The idea is to harness the community's collective effort to find malicious packages.

No one likes manual auditing, but perhaps this makes it less so?

Looking forward to your thoughts
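
The audit flow described in the post, as an added sketch that is not Customs Inspector's own code: find which packages a lock update changed, then produce the source diff a reviewer would read. It assumes the `poetry.lock` layout where each `[[package]]` table opens with `name` and `version`; the function names, package names and file trees are constructed for illustration.

```python
import difflib
import re

# Matches the name/version pair that opens each [[package]] table in poetry.lock.
_PKG = re.compile(r'\[\[package\]\]\s*\nname = "([^"]+)"\s*\nversion = "([^"]+)"')

def locked_versions(lock_text):
    """Return {package name: pinned version} from poetry.lock text."""
    return dict(_PKG.findall(lock_text))

def changed_packages(old_lock, new_lock):
    """List (name, old_version, new_version); None marks an added or removed package."""
    old, new = locked_versions(old_lock), locked_versions(new_lock)
    return [(n, old.get(n), new.get(n))
            for n in sorted(old.keys() | new.keys()) if old.get(n) != new.get(n)]

def audit_diff(old_files, new_files):
    """Unified diff across two {path: source} trees, covering added and removed files."""
    out = []
    for path in sorted(old_files.keys() | new_files.keys()):
        a = old_files.get(path, "").splitlines()
        b = new_files.get(path, "").splitlines()
        out.extend(difflib.unified_diff(a, b, "old/" + path, "new/" + path, lineterm=""))
    return out

# Constructed sample data (hypothetical packages, not real ones).
OLD_LOCK = '''[[package]]
name = "examplepkg"
version = "1.0.0"

[[package]]
name = "stablepkg"
version = "2.3.1"
'''
NEW_LOCK = OLD_LOCK.replace('version = "1.0.0"', 'version = "1.0.1"') + '''
[[package]]
name = "newdep"
version = "0.1.0"
'''
OLD_TREE = {"examplepkg/__init__.py": "def greet():\n    return 'hi'\n"}
NEW_TREE = {"examplepkg/__init__.py": "def greet():\n    return 'hi'\n",
            "examplepkg/_telemetry.py": "import os\nENV = dict(os.environ)\n"}

if __name__ == "__main__":
    for name, before, after in changed_packages(OLD_LOCK, NEW_LOCK):
        print(f"{name}: {before} -> {after}")
    print("\n".join(audit_diff(OLD_TREE, NEW_TREE)))
```

A file that appears only in the new tree shows up as an all-additions hunk, which is the kind of change a patch-level version bump should make a reviewer look at first.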