Safeguard
Tag

maintenance

Safeguard articles tagged "maintenance" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Research

Abandoned Dependency Risk Study

The Safeguard Research team measured how much abandonment exists in real dependency graphs, how it correlates with risk, and what to do about it.

Feb 5, 20267 min read
Open Source

react-sortable-hoc: Security and Maintenance Status Review

react-sortable-hoc is no longer actively maintained and leans on the soon-to-be-removed findDOMNode API. Here's what that means for your risk and what to migrate to.

Jun 16, 20255 min read
Open Source

npm bluebird in 2025: Is the Promise Library Still Safe to Use?

The npm bluebird package still gets tens of millions of weekly downloads, but it has gone quiet. Here is an honest read on whether to keep it or migrate.

Apr 18, 20255 min read
Lifecycle Management

Software Component Lifecycle Management

Components do not stay secure forever. This guide covers managing the full lifecycle of software dependencies -- from adoption through deprecation -- with a focus on security and operational continuity.

Jan 15, 20247 min read
Dependency Management

Fork Maintenance and Your Security Responsibilities

Forking an open source project means inheriting its security obligations. Here is what organizations need to know before and after forking a dependency.

Jan 28, 20236 min read
Dependency Management

Managing End-of-Life Software Dependencies

Every dependency eventually reaches end of life. Here is a practical framework for identifying, tracking, and migrating away from EOL software before it becomes a security liability.

Jun 22, 20227 min read
maintenance — Safeguard Blog