Dependency Security
In-depth guides and analysis on dependency security from the Safeguard engineering team.
11 articles
Mitigating npm Install Scripts Without Breaking Your Build
`--ignore-scripts` is the blunt fix that breaks node-sass and better-sqlite3. Here is the surgical version that keeps builds green and postinstalls contained.
.NET NuGet Package Security
Securing your .NET supply chain with NuGet package signing, lock files, and vulnerability scanning.
Rust Cargo Dependency Security Guide
How to secure your Rust supply chain with Cargo.lock, crate auditing, and build script controls.
Golang Module Security and Verification
Securing your Go module supply chain with checksum databases, GOPROXY, and vendor directories.
Kotlin Gradle Dependency Verification
Implement dependency verification in Kotlin Gradle projects with checksums, PGP signatures, and repository filtering.
Java Maven and Gradle Dependency Security
How to secure your Java dependency chain across Maven and Gradle builds, from signature verification to repository management.
Swift CocoaPods and SPM Security
Securing iOS and macOS dependencies with Swift Package Manager and CocoaPods, including checksum verification and source control.
Python Package Security Best Practices
Practical techniques for securing your Python supply chain, from pip and PyPI to virtual environments and hash verification.
PHP Composer Dependency Security
Securing PHP applications through Composer lockfiles, Packagist verification, and automated vulnerability scanning.
JavaScript Dependency Security: The Complete Guide
A thorough walkthrough of securing your JavaScript dependency tree, from lockfile hygiene to automated auditing and runtime protections.
Ruby Gems Supply Chain Security
Protecting your Ruby applications from gem-based supply chain attacks with Bundler security features, gem signing, and auditing.