developer-tools
Safeguard articles tagged "developer-tools" — guides, analysis, and best practices for software supply chain and application security.
16 articles
Safeguard CLI: Supply Chain Security Without Leaving Your Terminal
The Safeguard CLI brings SBOM generation, vulnerability scanning, policy checks, and supply chain queries directly into your development workflow.
GitHub's Supply Chain Security Features
A comprehensive look at GitHub's evolving supply chain security toolkit, from Dependabot to code scanning, and how these features are reshaping how developers manage dependency risk.
JetBrains Plugin Security Verification: Protecting Your IDE
IDE plugins run with the same privileges as your IDE. A malicious IntelliJ plugin has access to your source code, credentials, and development environment.
VS Code Extension Marketplace Security: The IDE Supply Chain
VS Code extensions run with the same privileges as your editor — which means full access to your source code, terminal, and credentials. The marketplace security model does not prevent malicious extensions.