Ask and you shall receive: https://stacktower.io/

Oh cool. That's a promising start.

I don't know if the "The Nebraska Guy Ranking" this project uses is very useful, though. In particular the "depth" criteria doesn't make much sense to me, since it assumes the more foundational a dependency is, the more robust it must be. This seems to run counter to the point of the original comic where the "Nebraska Guy" piece was the fragile block holding up the entire tower.

This project also doesn't attempt to measure or visualize the complexity of a project. Theoretically a more complex project would require more support than a simple one, so I think that's an important metric to capture.

▲

withinboredom 7 hours ago | parent | prev [-]

bro. it asks for the ability for some random github user to literally take over your private repositories.

▲

matzehuels 14 minutes ago | parent | next [-]

You’re 100% right to call that out. The current GitHub OAuth scope is too broad

I’m changing this ASAP to least-privilege and I’ll publish a clear explanation of scopes + data handling. In the meantime: please run the local/CLI path if you want zero-trust.

	▲	withinboredom 9 minutes ago \| parent [-]
		Damn dude. That’s awesome! I saw the permissions it wanted out of every org I’m a part of (including some big open source orgs) — I’d probably find myself booted out of those orgs if I accepted that. They def get a notification on every authentication like that and take potential impersonation seriously.

▲

claar 4 hours ago | parent | prev [-]

Yeah, if it weren't for that, I think this would blow up. Plus, even if you get past that, if you try a larger project, it times out after 1 minute and gives up. But it's a pretty awesome idea!

	▲	matzehuels 17 minutes ago \| parent [-]
		hey! I built this, I know its really scrappy, I just don't have enough time currently to make right by users. I'm on it though... stay tuned