Tag
native-extensions
Safeguard articles tagged "native-extensions" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Open Source Security
Native-extension vulnerabilities in Python packages
numpy, pandas, cryptography, and lxml all ship compiled C/C++ code — and a Python SCA scan that only checks package versions can miss memory-safety bugs buried in that native layer.
Jul 7, 20266 min read
Open Source Security
Ruby Native Extensions Supply Chain
Native C extensions are the most under-audited part of the Ruby supply chain: how they get built, what can go wrong, and how to monitor them as seriously as you monitor pure-Ruby code.
Oct 8, 20248 min read