Safeguard
Tag

Build Systems

Safeguard articles tagged "Build Systems" — guides, analysis, and best practices for software supply chain and application security.

9 articles

Emerging Technology

Software Supply Chain Side-Channel Attacks 2025

Side-channel attacks are moving from hardware into software supply chains, where build-time timing, error messages, and telemetry leak meaningful secrets.

Mar 29, 20268 min read
Industry Analysis

Best SLSA-compliant build systems

A fair comparison of SLSA compliant build systems—GitHub Actions, Cloud Build, GitLab, Tekton Chains—with real strengths and limitations for Build Level 3.

Nov 18, 20258 min read
DevSecOps

Earthly Containerized Builds Supply Chain

Earthly combines container isolation with Makefile-style ergonomics. Here's what that means for supply chain posture, with real Earthfile examples.

Nov 8, 20247 min read
DevSecOps

Buck2 (Meta) Build Security Considerations

A security engineer's look at Buck2, Meta's open-source build system, including Starlark sandbox properties, remote execution, and actual supply chain guarantees.

Oct 22, 20247 min read
DevSecOps

Please Build System Security Review

A hands-on security review of Please, the open-source Bazel-inspired build system, including sandbox behavior, BUILD rules, and supply chain trade-offs.

Aug 28, 20246 min read
DevSecOps

GN and Meson Build Systems: Security

A side-by-side security comparison of GN (Chromium) and Meson, covering declarative posture, wrap files, toolchain handling, and supply chain behavior.

Jun 22, 20247 min read
DevSecOps

Pants Build Tool Security Posture

A practitioner's view of the Pants build system's security properties, covering sandboxing, third-party resolution, and the Pants 2.x architecture.

May 18, 20247 min read
Offensive Security

Penetration Testing CI/CD Pipelines

Your CI/CD pipeline is a high-value target. Here's how to pen test build systems, artifact repositories, and deployment workflows for supply chain vulnerabilities.

Apr 18, 20246 min read
DevSecOps

Ninja Build Supply Chain Considerations

Ninja is a low-level build tool, not a package manager. That framing matters for understanding its supply chain properties and common misconceptions.

Mar 28, 20247 min read
Build Systems — Safeguard Blog