Show HN: OSS sustain guard – Sustainability signals for OSS dependencies
Show HN (score: 8)
Description
After every high-profile OSS incident, I wonder about the packages I rely on right now. I can skim issues/PRs and activity on GitHub, but that doesn’t scale when you have tens or hundreds of dependencies. I built this to surface sustainability signals (maintainer redundancy, activity trends, funding links, etc.) and create awareness. It’s meant to start a respectful conversation, not to judge projects. These are signals, not truth; everything is inferred from public data (internal mirrors/private work won’t show up).
Quick start:
    pip install oss-sustain-guard
    export GITHUB_TOKEN=...
    os4g check
It uses GitHub GraphQL with local caching (no telemetry; token not uploaded/stored), and supports multiple ecosystems (Python/JS/Rust/Go/Java/etc.).
Repo: https://github.com/onukura/oss-sustain-guard
I’d love feedback on metric choices/thresholds and wording that stays respectful. If you have examples where these signals break down, please share.