vet is a tool for identifying risks in open source software supply chain. It goes beyond just vulnerabilities and provides visibility on OSS package risks due to it's license, popularity, security hygiene, and more. vet is designed with the goal of helping software development teams consume safe and trusted OSS components through automated vetting in CI/CD.