// multi-ecosystem supply chain firewall · v0.6.4
v0.6.4 · npm + Go modules · 19 detectors · OSV · zero postinstall

Nothing touches your system unverified.

phi is install-time interception for software supply chains. Every dependency — transitives included — gets scanned in memory before any code reaches disk. Lifecycle scripts off by default. Single Go binary. One tool, two ecosystems: npm packages and Go modules, same scan engine, same audit trail.

npm: package.json + phi.lock
Go modules: go.mod + go.work + phi.lock

linux/mac: curl -sSL https://phi.philtechs.org/install.sh | sh
windows: iwr -useb https://phi.philtechs.org/install.ps1 | iex
§01
The supply chain problem

Open-source registries are shipping malware on a schedule now.

recent supply-chain incidents (selected) · source: GHSA + OpenSSF + reporters
NOV 2018 · buried transitive
event-stream via flatmap-stream
A new maintainer added flatmap-stream as a sub-dependency, which targeted users with the Copay Bitcoin wallet in their tree and stole private keys. ~2M weekly downloads.
blast: Copay wallet keys, downstream apps
OCT 2021 · maintainer compromise
ua-parser-js@0.7.29 / 0.8.0 / 1.0.0
Maintainer's npm account was compromised; three malicious versions were published containing a Linux/macOS crypto miner and a Windows password stealer. ~7M weekly downloads.
blast: mined CPU, stolen browser creds
JUL 2025 · credential exfil
eslint-config-prettier
Compromised maintainer token published a malicious version that exfiltrated developer credentials. The package is in the dep tree of nearly every TypeScript project.
blast: developer tokens, npm publish creds

npm + audit + snyk

  1. resolve tree
  2. fetch tarballs
  3. extract to node_modules
  4. postinstall executes ← game over
  5. audit known CVEs · too late

phi

  1. resolve tree
  2. fetch tarballs & verify sha512
  3. scan in-memory · 19 detectors + OSV
  4. verdict per package · block / review / install
  5. extract only what cleared · scripts off

The line at step 3, the in-memory scan, is the architectural moat: bytes never touch your disk before the verdict.

§02
Defense in depth

Nineteen detectors across two ecosystems. One score.

§03
The score

From a tarball to a verdict — in memory, before disk.

Each detector hit adds points and the points are summed. A sum below 20 installs silently; 20–59 prompts for review; 60 or more refuses the install, writes a report, and exits non-zero.
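To make the ordering concrete (verify the bytes, scan them in memory, decide, and only then extract), here is an added Go example that is not phi's code: it builds a small npm-style tarball in memory (constructed input), checks it against an npm-style sha512 integrity string, streams the tar looking for lifecycle install hooks in package.json, and maps the summed points onto the three bands above. The single detector, its 30-point weight, and the function names are assumptions for illustration; phi's nineteen detectors and their weights are not documented on this page.

```go
package main

import (
	"archive/tar"
	"bytes"
	"compress/gzip"
	"crypto/sha512"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"io"
)

// Verdict maps the summed score onto the page's bands: <20 install, 20-59 review, 60+ block.
func Verdict(score int) string {
	switch {
	case score >= 60:
		return "block"
	case score >= 20:
		return "review"
	}
	return "install"
}

// Integrity renders the npm-style "sha512-<base64>" integrity string for a tarball.
func Integrity(tgz []byte) string {
	sum := sha512.Sum512(tgz)
	return "sha512-" + base64.StdEncoding.EncodeToString(sum[:])
}

// ScanTarball checks the bytes against the expected integrity string, then walks the gzip'd
// tar in memory: nothing is extracted, entries other than package.json are streamed past.
// The one detector shown (lifecycle install hooks declared in package.json) is hypothetical,
// as is its 30-point weight; the result maps detector name -> points.
func ScanTarball(name, version string, tgz []byte, integrity string) (map[string]int, error) {
	if Integrity(tgz) != integrity {
		return nil, fmt.Errorf("%s@%s: sha512 integrity mismatch", name, version)
	}
	gz, err := gzip.NewReader(bytes.NewReader(tgz))
	if err != nil {
		return nil, err
	}
	defer gz.Close()
	tr := tar.NewReader(gz)
	hits := map[string]int{}
	for {
		hdr, err := tr.Next()
		if err == io.EOF {
			break
		}
		if err != nil {
			return nil, err
		}
		if hdr.Name != "package/package.json" {
			continue
		}
		var manifest struct {
			Scripts map[string]string `json:"scripts"`
		}
		if err := json.NewDecoder(tr).Decode(&manifest); err != nil {
			return nil, err
		}
		for _, hook := range []string{"preinstall", "install", "postinstall"} {
			if _, ok := manifest.Scripts[hook]; ok {
				hits["lifecycle-script:"+hook] = 30
			}
		}
	}
	return hits, nil
}

// BuildTarball makes a minimal npm-style tarball in memory (constructed input for the demo).
func BuildTarball(pkgJSON string) []byte {
	var buf bytes.Buffer
	gz := gzip.NewWriter(&buf)
	tw := tar.NewWriter(gz)
	_ = tw.WriteHeader(&tar.Header{Name: "package/package.json", Mode: 0o644, Size: int64(len(pkgJSON))})
	_, _ = tw.Write([]byte(pkgJSON))
	_ = tw.Close()
	_ = gz.Close()
	return buf.Bytes()
}

// Classify runs verify -> scan -> verdict on a constructed package. The verdict exists
// before any byte would be written to disk, which is the ordering the page describes.
func Classify(name, version, pkgJSON string) (verdict string, score int, err error) {
	tgz := BuildTarball(pkgJSON)
	hits, err := ScanTarball(name, version, tgz, Integrity(tgz))
	if err != nil {
		return "", 0, err
	}
	for _, p := range hits {
		score += p
	}
	return Verdict(score), score, nil
}

func main() {
	fmt.Println(Classify("demo-hook", "1.0.0", `{"scripts":{"postinstall":"node setup.js"}}`))
}
```

Run it with go run: a constructed package with one postinstall hook scores 30 and lands in the review band, one with both a preinstall and a postinstall hook reaches 60 and is blocked, and a tarball whose bytes do not match the expected integrity string is rejected before a single entry is read.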

§04
Drop-in · scaffold · ship

Read the manifest. Write the dep tree. Refuse the bad bytes.

phi audit, phi install, phi outdated, phi why, phi check — same shape as your existing tooling, with the safety baked into the install path. phi auto-detects whether you're in a Node.js or Go project from the manifest in cwd (package.json or go.mod) and dispatches the matching pipeline.

phi create <framework> bootstraps React, Next, Express, Fastify, or Nest projects; phi init --go <path> scaffolds a new Go module. phi x <pkg> is a drop-in replacement for npx on the Node side; phi install <tool>@latest is the scan-then-install analog of go install.

phi ci is the one-line non-interactive install for Docker / GitHub Actions on the Node side; phi audit --strict is the CI gate on the Go side, refusing builds when phi.lock has un-overridden BLOCKED entries. Trust a flagged package? --force records the override; .phi-allow commits a project-level allowlist.

Keep phi current with phi self-update, which verifies the new binary's sha256 against checksums.txt before swapping itself.
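An added Go sketch (not phi's code) of how the --strict gate and the two override paths above fit together. The lock record shape, the .phi-allow line format (one exact name@version pin per line, '#' comments) and all field and function names are assumptions, since the page documents neither format; the sample lock and allowlist are constructed. Pinning the allowlist to an exact version is the design point worth copying: trusting one release must never silently trust the next one published under the same name.

```go
package main

import (
	"fmt"
	"strings"
)

// LockEntry is a hypothetical shape for one phi.lock record; the page does not show the real format.
type LockEntry struct {
	Name, Version string
	Verdict       string // "INSTALLED", "REVIEW" or "BLOCKED"
	Forced        bool   // recorded when the package was installed with --force
}

// ParseAllowlist reads a .phi-allow-style file assumed (not documented on the page) to hold one
// exact name@version pin per line, ignoring blank lines and '#' comments. Entries without an
// '@' are skipped so a bare package name can never allow every version of it.
func ParseAllowlist(text string) map[string]bool {
	allow := map[string]bool{}
	for _, line := range strings.Split(text, "\n") {
		if i := strings.IndexByte(line, '#'); i >= 0 {
			line = line[:i]
		}
		line = strings.TrimSpace(line)
		if line != "" && strings.Contains(line, "@") {
			allow[line] = true
		}
	}
	return allow
}

// StrictGate models the `phi audit --strict` decision: exit non-zero when any BLOCKED entry is
// neither a recorded --force override nor on the allowlist, and report the offenders.
func StrictGate(lock []LockEntry, allow map[string]bool) (exitCode int, unresolved []string) {
	for _, e := range lock {
		key := e.Name + "@" + e.Version
		if e.Verdict == "BLOCKED" && !e.Forced && !allow[key] {
			unresolved = append(unresolved, key)
		}
	}
	if len(unresolved) > 0 {
		return 1, unresolved
	}
	return 0, nil
}

// Constructed sample data: three BLOCKED packages, one forced at install time,
// one covered by the allowlist, one neither.
var sampleLock = []LockEntry{
	{Name: "demo-a", Version: "1.0.0", Verdict: "INSTALLED"},
	{Name: "demo-b", Version: "2.1.0", Verdict: "BLOCKED"},
	{Name: "demo-c", Version: "0.9.0", Verdict: "BLOCKED", Forced: true},
	{Name: "demo-d", Version: "3.0.0", Verdict: "BLOCKED"},
}

const sampleAllow = "# project allowlist (constructed)\ndemo-b@2.1.0\n"

func main() {
	code, bad := StrictGate(sampleLock, ParseAllowlist(sampleAllow))
	fmt.Println(code, bad) // 1 [demo-d@3.0.0]
}
```

With the constructed data only demo-d@3.0.0 is left unresolved, so the gate exits 1; adding that pin to the allowlist clears it, while a newer demo-b release stays blocked because the pin names 2.1.0 only.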

ecosystems shipped: npm · Go modules · ecosystems queued: PyPI · crates.io · same pipeline, different parsers

Stop installing strangers' code blind.

Single binary. No daemon. No telemetry. No registry account required. MIT licensed.