Tag
dependency-security
Safeguard articles tagged "dependency-security" — guides, analysis, and best practices for software supply chain and application security.
51 articles
Software Supply Chain Security
Go Module Checksum Database: How It Secures Your Dependencies
Go checksum database is one of the most underappreciated supply chain security features in any language ecosystem. Here is how it works and where it falls short.
Mar 18, 20235 min read
Supply Chain Security
Package Manager Security: npm, pip, and Maven Compared
Each package manager has its own security model, attack surface, and best practices. This guide compares npm, pip, and Maven from a supply chain security perspective.
Oct 8, 20228 min read
Dependency Security
JavaScript Dependency Security: The Complete Guide
A thorough walkthrough of securing your JavaScript dependency tree, from lockfile hygiene to automated auditing and runtime protections.
Jul 12, 20226 min read