Supply-chain pre-flight gate
Don't let a fresh package land before you do.
Don't rush to download.
PenRUSH is a pre-install pre-flight gate that blocks supply-chain attacks before they land.
Mechanism
The only gate is time.
Most supply-chain attacks are caught within days of publication — after the malicious version is pulled, but before the next victim installs it. PenRUSH puts that window on your side. It runs locally, before a package reaches your machine, and reports the way a gauge reports a reading.
14 days, on purpose
A package version younger than its publication age threshold doesn't install yet. Freshly published code waits in the open where the ecosystem can find problems with it — not on your disk.
One gate, every registry
The same pre-flight runs across npm, PyPI, crates.io, RubyGems, and Go modules. Publication age and the pinned digest are checked against each registry before a single byte is fetched.
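As an added illustration (not PenRUSH's own code), a small Python version of the two-gate decision described above, run over a constructed npm-style metadata document: the version must have been public for at least 14 days and its registry integrity value must equal the digest pinned in the lockfile, decided from metadata alone before any package bytes are fetched. The package name, timestamps and digests are invented for the demo.

```python
import json
from datetime import datetime, timedelta, timezone

MIN_AGE = timedelta(days=14)  # the page's publication-age threshold
NOW = datetime(2024, 5, 22, tzinfo=timezone.utc)  # constructed "today" for the demo

# Constructed npm-style registry document for a hypothetical package
# (npm's real "time" map also carries "created" and "modified" keys).
REGISTRY_DOC = json.loads("""
{
  "name": "left-widget",
  "time": {
    "1.4.0": "2024-05-01T10:00:00.000Z",
    "1.4.1": "2024-05-20T08:30:00.000Z"
  },
  "versions": {
    "1.4.0": {"dist": {"integrity": "sha512-CONSTRUCTED_DIGEST_140"}},
    "1.4.1": {"dist": {"integrity": "sha512-CONSTRUCTED_DIGEST_141"}}
  }
}
""")

def _parse_ts(ts):
    # npm timestamps are ISO-8601 UTC with millisecond precision and a trailing Z
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def preflight(doc, version, pinned_integrity, now=NOW, min_age=MIN_AGE):
    """Decide from metadata alone whether a version may be fetched; returns (allow, reason).
    Both gates must pass: the version has been public for at least min_age, and the
    registry's integrity value equals the lockfile's pinned digest. Nothing is downloaded."""
    published = doc.get("time", {}).get(version)
    if published is None:
        return False, f"{version}: not published on the registry"
    published_at = _parse_ts(published)
    age = now - published_at
    if age < min_age:
        ready_on = (published_at + min_age).date()  # first day it would pass the age gate
        return False, f"{version}: {age.days}d old, below {min_age.days}d; eligible {ready_on}"
    actual = doc.get("versions", {}).get(version, {}).get("dist", {}).get("integrity")
    if actual != pinned_integrity:
        return False, f"{version}: registry digest does not match the pinned digest"
    return True, f"{version}: {age.days}d old, digest matches"

if __name__ == "__main__":  # demo: a freshly published version is held back
    print(preflight(REGISTRY_DOC, "1.4.1", "sha512-CONSTRUCTED_DIGEST_141"))
```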
Runs locally. Open source.
No account, no telemetry, no phone-home. PenRUSH is Apache-2.0 and executes entirely on your machine. The audit trail is yours; nothing leaves it.
Gated ecosystems: npm · pip / PyPI · cargo / crates.io · gem / RubyGems · Go modules
Download
Get PenRUSH
Releases pending security audit
Verified, signed releases ship after PenRUSH’s own independent security audit — by design. We don’t hand you a security tool that hasn’t cleared a pentest first. When the audit passes, this button serves the signed binary from GitHub Releases, with the verification recipe below.
Trust, but verify
Verify every byte before you run it.
Every release is reproducibly built and signed. You don’t need an account, and there’s no telemetry — anyone can confirm a binary was built by this repository’s release workflow and left untampered, with three independent checks.
SHA-256 checksum
Confirm the binary matches the published checksums.txt — byte-for-byte, before anything runs.
Sigstore signature
Keyless cosign verification proves the checksums were signed by this repo’s release workflow — no long-lived key exists.
SLSA L3 provenance
slsa-verifier confirms the binary was produced by the trusted SLSA builder from this source — at this tag.
# 1 — checksum
sha256sum --check --ignore-missing checksums.txt

# 2 — Sigstore signature (keyless)
# cosign 2.x also requires the signer identity; the exact regex ships in docs/RELEASE.md
cosign verify-blob --bundle checksums.txt.cosign.bundle \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-identity-regexp "<release-workflow identity regex from docs/RELEASE.md>" \
  checksums.txt

# 3 — SLSA L3 provenance
# BIN is the downloaded artifact; TAG is the release tag you are verifying
slsa-verifier verify-artifact "$BIN" \
  --provenance-path "$BIN.intoto.jsonl" \
  --source-uri "github.com/OWNER/REPO" \
  --source-tag "$TAG"
The full recipe, including the exact identity regex and per-platform artifacts, ships in docs/RELEASE.md with the first signed release.