Safeguard
Topic

Developer Security

In-depth guides and analysis on developer security from the Safeguard engineering team.

6 articles

Developer Security

Flutter and Dart Dependency Security: A Practical Guide

Flutter apps pull dozens of Dart packages from pub.dev. Most teams never audit them. Here is how to manage dependency security in the Flutter ecosystem without slowing down development.

Mar 12, 20246 min read
Developer Security

Deno's Permission-Based Security Model: What It Gets Right and Where It Falls Short

Deno was built with security as a first-class concern, requiring explicit permissions for file, network, and environment access. Here is an honest assessment of what that model delivers in practice.

Nov 8, 20236 min read
Developer Security

Svelte and SvelteKit Security Best Practices for Production Apps

Svelte's compile-time approach reduces runtime attack surface, but SvelteKit introduces server-side considerations that require deliberate security attention. A practical guide.

Jul 18, 20236 min read
Developer Security

JetBrains Plugin Security Verification: Protecting Your IDE

IDE plugins run with the same privileges as your IDE. A malicious IntelliJ plugin has access to your source code, credentials, and development environment.

Jun 12, 20235 min read
Developer Security

Elixir and Hex Package Security: Protecting the BEAM Ecosystem

Elixir's Hex package manager serves a smaller but growing ecosystem. Smaller does not mean safer — here is what Elixir teams need to know about dependency security.

May 10, 20235 min read
Developer Security

VS Code Extension Marketplace Security: The IDE Supply Chain

VS Code extensions run with the same privileges as your editor — which means full access to your source code, terminal, and credentials. The marketplace security model does not prevent malicious extensions.

Oct 18, 20225 min read
Developer Security — Supply Chain Security Blog | Safeguard