Tag
devDependencies
Safeguard articles tagged "devDependencies" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Open Source
Is supertest npm Safe to Use? A Security Review for Node Testing
A security-minded review of supertest npm, the SuperAgent-driven HTTP testing library: where it fits, what its dependency surface looks like, and how to keep test code from leaking into production risk.
May 27, 20256 min read
Security
@testing-library/jest-dom: What It Does and How to Keep It Secure
@testing-library/jest-dom is a dev-only matcher library that is low risk to your production security, provided you keep it out of your runtime bundle and patched.
Apr 9, 20255 min read