vishalgarg-sec/Software-Supply-Chain-Security

This project is a curated 'Awesome-style' list rather than a software tool. With 146 stars and a velocity of 0.0, it functions as a static educational resource rather than an active community-driven hub. From a competitive standpoint, it has no technical moat; the value lies entirely in the curation of external links. It faces heavy competition from more authoritative bodies like the OpenSSF (Open Source Security Foundation), CNCF Tag-Security, and NIST, who maintain live, industry-standard documentation and frameworks. The 'displacement horizon' is short (6 months) because in the rapidly evolving landscape of SSCS (e.g., SLSA updates, new SBOM standards), static lists become obsolete without high update frequency. It serves as a good entry point for students but lacks the 'data gravity' or utility required for an infrastructure-grade score.