maintenance
Safeguard articles tagged "maintenance" — guides, analysis, and best practices for software supply chain and application security.
6 articles
Abandoned Dependency Risk Study
The Safeguard Research team measured how much abandonment exists in real dependency graphs, how it correlates with risk, and what to do about it.
react-sortable-hoc: Security and Maintenance Status Review
react-sortable-hoc is no longer actively maintained and leans on the soon-to-be-removed findDOMNode API. Here's what that means for your risk and what to migrate to.
npm bluebird in 2025: Is the Promise Library Still Safe to Use?
The npm bluebird package still gets tens of millions of weekly downloads, but it has gone quiet. Here is an honest read on whether to keep it or migrate.
Software Component Lifecycle Management
Components do not stay secure forever. This guide covers managing the full lifecycle of software dependencies -- from adoption through deprecation -- with a focus on security and operational continuity.
Fork Maintenance and Your Security Responsibilities
Forking an open source project means inheriting its security obligations. Here is what organizations need to know before and after forking a dependency.
Managing End-of-Life Software Dependencies
Every dependency eventually reaches end of life. Here is a practical framework for identifying, tracking, and migrating away from EOL software before it becomes a security liability.