Security●Mid
Pqurp – Quarantine Window for Packages to Prevent Supply Chain Attacks
Speculative protocol for package quarantine without a reference implementation or registry buy-in.
Bold Bet
exec7
501mo ago
Back to browse
Map of 90 companies in the co-packaged optics supply chain
by lboquillon·May 18, 2026·1 point·0 comments
AI Analysis
●●SolidNiche GemRabbit Hole
Maps hidden monopolies like Soitec wafers and Ajinomoto dielectric films.
Strengths
- •Traces upstream suppliers most maps miss — from indium phosphide to MOCVD reactors.
- •Builds on author's existing Investmap graph with 450+ semiconductor companies.
- •Explains why copper traces are hitting physical limits in AI server racks.
Weaknesses
- •Static Substack post — not a live, filterable database or API.
- •No export options or data downloads for further analysis.
Category
Target Audience
Semiconductor investors and hardware supply chain analysts
Similar To
Investmap · Supply Chain Dive · Semiconductor Industry Association reports
Similar Projects
Security●Mid
Lateos/NPM-scan – open-source NPM supply chain scanner, v0.18.3
NPM supply chain scanner competing against Socket, Snyk, and npm audit.
Ship It
lateos-ai
1015d ago
Security●Mid
Package Proxy
Yet another package proxy when Sonatype, Verdaccio, and Cloudsmith already own this space.
Ship It
mslaviero
2013d ago
Security●Mid
I built an AI-agent skill to audit supply-chain attack exposure
Dependabot already does this without the AI agent overhead.
Ship It
WasimBhai
1021d ago
Security●●●Banger
Pipguard – pre-install malware scanner for Python supply-chain attacks
Behavioral malware scanning before install, unlike pip-audit.
Solve My Problem
secondmod
202mo ago
Security●●●Banger
CI/lock – supply-chain attestation CLI, from the Witness creators
From Witness/in-toto creators, keyless attestation blocks poisoned CI runs.
Big BrainZero to One
colek42
108d ago