Tag
native-modules
Safeguard articles tagged "native-modules" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Supply Chain
node-pre-gyp and node-gyp: The Security Cost of Native Modules
@mapbox/node-pre-gyp downloads compiled binaries into your node_modules at install time. Understanding that machinery is the difference between a fast install and an unauditable one.
Jan 28, 20257 min read
Best Practices
React Native Supply Chain Risks in 2024
React Native bundles native modules, JavaScript dependencies, and CodePush-style OTA updates into one app. The supply chain is vast and the remediation path is slower than web apps. Here is where it actually goes wrong.
Oct 22, 20247 min read