# ClosedSSPM

> An open-source SSPM tool written in Go

- **URL**: https://www.freshcrate.ai/projects/ClosedSSPM
- **Author**: PiotrMackowski
- **Category**: MCP Servers
- **Latest version**: `v0.4.1` (2026-03-15)
- **License**: Apache-2.0
- **Source**: https://github.com/PiotrMackowski/ClosedSSPM
- **Homepage**: https://closedsspm.com
- **Language**: Go
- **GitHub**: 1 stars
- **Registry**: github
- **Tags**: `cli`, `entra-id`, `go`, `golang`, `google-workspace`, `mcp`, `open-source`, `saas`

## Description

An open-source SSPM tool written in Go

## Recent releases

| Version | Date | Urgency | Changes |
| --- | --- | --- | --- |
| `v0.4.1` | 2026-03-15 | Medium | ## Changelog * c04014ef824c0d777a84e2d281be9d875e77aa72 chore(deps): consolidate dependency updates (#62) * 4e9df734e41df401a9a3cef6780bf8071a4da4dd deps: upgrade golang.org/x/net v0.50.0 → v0.51.0 (GO-2026-4559) (#54) * 30acc318ff0ca6b2088516a5c4dfefc30af569c0 feat: AGENTS.md, multi-platform Action, Entra cert auth, GW ADC, docs & tests (#64) |
| `v0.4.0` | 2026-03-07 | Low | ## Changelog * 50bb200e7a75d28954651b3fa9f799794a900a7e feat(finding): add Platform field with HTML/CSV/SARIF support and merge-snapshot fix (#52) * 49291585832e9c7be77e74ec1ded7c32604b1594 feat: add Google Workspace and Entra ID OAuth security connectors (#49) * 5a1906b1d43414239d448dd290ab4fa0e199bcde feat: multi-platform scanning, ConnectorConfig refactor, slog, shared test infra, DefectDojo docs (#51) * 29a9915b76372ee63a367b7bffdb7d7343f1c8a9 feat: platform findings filter + security harden |
| `v0.3.1` | 2026-03-06 | Low | ## Changelog * b852e6df7ad6525a4cdc62b31949d1a400af1424 fix(ci): fix Docker image provenance + add fuzz tests (#47) * b74b3836dee17dda57094440120f87117ce21e64 revert(ci): revert SLSA L3 provenance, restore cosign signing (#48) * 21fc68dbdf814240047b58d87700a81fdba21c49 style: apply gofmt -s to fix alignment and import ordering (#38) * f1609e54d954550ef57ef499c42ff60814b44662 style: apply gofmt -s to fix composite literal simplifications in tests (#45) |
| `v0.3.0` | 2026-03-03 | Low | ## Changelog * 0e47d55d15a9a4f075d5fb145f4c35dc81d6accb deps: bump golang.org/x/crypto (#35) * fa34756a2dcde0a705f2edbbea082624ec61192b feat(servicenow): add SAST-lite script scanning with 25 detection rules (#36) * d7bd42e83718e14fa98248a61e29e14c6e71dda2 feat: add Snowflake security posture connector with 30 policies (#34) * ec6bde8b88214de7a29f2e6b2367fc62347de0b0 fix(docs): prevent basic auth lockout in API key setup script (#37) |
| `v0.2.3` | 2026-03-01 | Low | ## Changelog * 6f2042b7b893976b7cadc8d11e20d2d14c9ec669 docs(readme): fix OpenCode repository URL (#33) |
| `v0.2.2` | 2026-03-01 | Low | ## Changelog * f55ef4e8ec30ca7c02d1f49f0cb861056302b3e1 chore: add build binaries and CSV reports to .gitignore * fc3f89dfcf7d7bbe0459761247d0d8576b135f62 docs(readme): add report screenshot, document CSV format, update architecture tree * a0a8ba63584e83b17ab77dfb53fff475258ce81f docs(readme): mention AI-assisted development with OpenCode (#31) * 20b49ad3f8c4586a02ece86e2605c4c085114d08 feat(policy): add 28 ServiceNow security hardening rules (#29) * 0e150515bd1361965da97368cf2b364d1257a761 feat |
| `v0.2.1` | 2026-02-28 | Low | ## Changelog * a1fb128bf513589e3a085fd206a23f518e4f1a0e feat(report): add CSV output format with --format csv * 6c922e509a0ae3589d41c395ff5beb4cfd92bac5 feat(report): add collapsible groups, search box, and sticky toolbar * ba621fb563a5d87e7c9e9025b9b75815848a4b17 perf(report): embed findings as JSON with lazy DOM rendering * 4124db2fbb9ee559a66520418a54b5b5f7c4c75e refactor(finding): rename Evidence fields to SaaS-neutral names for multi-platform support * 4758cea39a969120f1db36187aa0a51ba4f77a |
| `v0.2.0` | 2026-02-28 | Low | ## Changelog * ff8c029eaf7e6acfaac1fee7b8c982d306c3c3d3 feat(connector): add platform connector registry * 73dcbd018cfc34bc96d92aede77cd9e4631562ed feat(connector): add platform connector registry * 65e4c320ddbec18ebad535370db6393d9f7acdb0 feat(release): sign checksums and Docker images with cosign keyless * 370df065ad58fb4571fac728b8325a278785a15e feat(report): add interactive severity filters and group-by controls to HTML report * fa6b9feaca647d5398e6b6a65633f3db0b40c14d fix(ci): pin Syft inst |

## Dependency audit

- **Score**: 62/100
- **Total deps**: 9
- **Resolved**: 0
- **Unresolved**: 9
- **License conflicts**: 0
- **Warnings**: 9
- **Scanned**: 2026-04-27

## Citation

- HTML: https://www.freshcrate.ai/projects/ClosedSSPM
- Markdown: https://www.freshcrate.ai/projects/ClosedSSPM.md
- Dependencies JSON: https://www.freshcrate.ai/api/projects/ClosedSSPM/deps

_Generated by freshcrate.ai. Indexes github releases for AI-agent ecosystem packages._