Understanding dependency sustainability reduces supply‑chain risk and guides investment in community‑driven projects, directly impacting software reliability and security.
Open‑source software now underpins the majority of enterprise applications, yet many organizations lack visibility into the long‑term viability of the libraries they consume. Recent high‑profile supply‑chain incidents have highlighted how a single unmaintained dependency can cascade into security breaches, downtime, and costly remediation. Tools that surface maintainer activity, community health, and funding status enable risk‑aware procurement and proactive stewardship, turning opaque dependency trees into manageable assets.
OSS Sustain Guard differentiates itself by combining a broad language footprint with a rich, CHAOSS‑aligned metric set. Its 24 core indicators—ranging from contributor churn to security issue response—are scored on a 0‑10 scale and aggregated into customizable profiles such as security‑first or long‑term stability. The platform auto‑detects manifest files, recursively scans monorepos, and integrates seamlessly with GitHub Actions, pre‑commit hooks, and other CI pipelines. Extensibility is baked in: developers can add new ecosystems via plugins or tailor metric weights to reflect organizational priorities, while local caching ensures repeated scans remain fast and cost‑effective.
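To make the scoring model above concrete, here is an added illustration (not OSS Sustain Guard's own code or data) of how per-indicator 0-10 scores can be aggregated under different weighted profiles and then used as a release gate; the indicator names, weights, sample scores and threshold are constructed assumptions chosen to show how one dependency can pass a long-term-stability profile while failing a security-first one.

```python
from typing import Dict, Tuple

# Scale the page describes: every indicator is scored 0-10 before aggregation.
SCALE_MIN, SCALE_MAX = 0.0, 10.0

# Hypothetical profiles over a constructed subset of CHAOSS-style indicators.
# Weights are illustrative assumptions, not the tool's real defaults.
PROFILES: Dict[str, Dict[str, float]] = {
    "security_first": {            # emphasise how fast security issues get handled
        "security_issue_response": 0.4,
        "maintainer_activity": 0.3,
        "contributor_churn": 0.1,
        "release_cadence": 0.2,
    },
    "long_term_stability": {       # emphasise continuity of people and funding
        "contributor_churn": 0.35,
        "funding_status": 0.25,
        "maintainer_activity": 0.2,
        "release_cadence": 0.2,
    },
}


def profile_score(scores: Dict[str, float], weights: Dict[str, float]) -> float:
    """Weighted aggregate of 0-10 indicator scores under one profile.

    Refuses profiles whose weights do not sum to 1 and inputs that are
    missing an indicator or fall outside the 0-10 scale, so a malformed
    scan cannot silently produce a reassuring number.
    """
    if abs(sum(weights.values()) - 1.0) > 1e-9:
        raise ValueError("profile weights must sum to 1")
    total = 0.0
    for metric, weight in weights.items():
        if metric not in scores:
            raise KeyError(f"missing indicator: {metric}")
        value = scores[metric]
        if not SCALE_MIN <= value <= SCALE_MAX:
            raise ValueError(f"{metric} score {value} is outside the 0-10 scale")
        total += weight * value
    return round(total, 2)


def release_gate(scores: Dict[str, float], profile: str = "security_first",
                 threshold: float = 6.0) -> Tuple[bool, float]:
    """Return (passes, score); the dependency is blocked when score < threshold."""
    score = profile_score(scores, PROFILES[profile])
    return score >= threshold, score


# Constructed sample: actively maintained, but slow to respond to security issues.
SAMPLE_DEPENDENCY = {"security_issue_response": 2.0, "maintainer_activity": 8.0,
                     "contributor_churn": 7.0, "release_cadence": 9.0,
                     "funding_status": 5.0}
```

Run against the sample, the security-first gate blocks the dependency (score 5.7) while the long-term-stability profile clears it (7.1), which is exactly the kind of profile-dependent verdict that justifies choosing weights to match organizational priorities.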
For businesses, adopting OSS Sustain Guard translates into actionable intelligence that can be embedded into release gates and vendor assessments. By surfacing funding opportunities for community‑driven projects, it also encourages corporate social responsibility and strengthens the ecosystems they depend on. As open‑source supply‑chain governance becomes a regulatory focus, tools that provide transparent, empathetic, and data‑driven insights will be essential for maintaining software resilience and fostering sustainable collaboration.