dependency-audit
Safeguard articles tagged "dependency-audit" — guides, analysis, and best practices for software supply chain and application security.
4 articles
How to Audit the Dependencies of an AI Agent
An AI agent's dependency tree spans packages, MCP servers, models, and system prompts. A step-by-step audit method that actually enumerates all four layers.
Auditing Elixir and Phoenix apps with mix_audit and Sobelow
A hands-on mix_audit Sobelow tutorial for scanning Elixir and Phoenix apps: dependency audits, static analysis, CI wiring, and triage tips.
Auditing Spring Boot dependencies with OWASP Dependency-C...
A step-by-step spring boot dependency audit using OWASP Dependency-Check and Snyk, from Maven setup to CI automation and finding reconciliation.
The End-of-Year Dependency Audit Ritual
Most dependency audits get done in a panic after a CVE lands. A planned year-end audit is cheaper, more thorough, and produces a backlog you can actually work through in Q1.