Safeguard
Tag

open-source-security

Safeguard articles tagged "open-source-security" — guides, analysis, and best practices for software supply chain and application security.

341 articles

Open Source Security

How Snyk's .snyk file structures ignore rules with expiry...

How Snyk's .snyk file encodes vulnerability ignore rules using reason and expiry date fields, and what happens in CI once an exception lapses.

Aug 23, 20257 min read
Open Source Security

How the --policy-path option centralizes ignore rules acr...

A technical look at how Snyk's --policy-path flag lets teams share one .snyk ignore file across repos instead of duplicating exceptions everywhere.

Aug 22, 20256 min read
Open Source Security

How Snyk continuously monitors production dependencies fo...

A technical walkthrough of how Snyk's continuous monitoring uses dependency snapshots, vuln-DB updates, and priority scoring to flag newly disclosed CVEs in production.

Aug 22, 20257 min read
Open Source Security

How Snyk's CLI test command differs technically from the ...

A technical breakdown of how Snyk's snyk test and snyk monitor commands differ mechanically — exit codes, dependency snapshots, and continuous vulnerability tracking.

Aug 22, 20257 min read
Open Source Security

How Snyk's private package registry scanning supports Art...

How Snyk private registry package scanning connects to Artifactory and Nexus, from Docker Registry API calls to Broker-relayed authentication behind the firewall.

Aug 22, 20257 min read
Open Source Security

How Snyk resolves CocoaPods and Swift Package Manager dep...

How Snyk parses Podfile.lock for CocoaPods and invokes the Swift toolchain to resolve Swift Package Manager dependencies when scanning iOS codebases.

Aug 21, 20257 min read
Open Source Security

How Snyk AI-BOM's --html flag visualizes AI dependency an...

How Snyk's snyk aibom --html flag turns CycloneDX AI-BOM data into an interactive graph of models, agents, tools, and MCP client-server-tool dependency chains.

Aug 20, 20257 min read
Open Source Security

How Snyk detects AI/ML-specific libraries during standard...

Snyk's standard SCA treats AI/ML packages like any other dependency, while a separate AI-BOM tool adds static analysis to detect models, agents, and MCP connections.

Aug 19, 20257 min read
Open Source Security

How Snyk's Eclipse plugin integrates open source and code...

A mechanical look at how Snyk's Eclipse plugin surfaces open source and code scan findings as native markers in the IDE's Problems view.

Aug 18, 20257 min read
Open Source Security

Why Transitive Dependencies Are the Blind Spot in Most Vu...

Most vulnerability scans stop at direct dependencies, missing the 70-80% of your codebase that arrives transitively — where Log4Shell and other major CVEs actually hid.

Aug 13, 20257 min read
Open Source Security

The Real Cost of Delayed Patching in Open Source Components

Patches for open source flaws often exist for months before teams apply them. Here is what that patch lag actually costs in breaches, cleanup, and trust.

Aug 13, 20258 min read
Open Source Security

How Dependency Graphs Reveal Hidden Supply Chain Risk

Dependency graph analysis reveals which transitive packages can actually reach your code. From Log4Shell to the xz backdoor, see why flat scans miss what graphs catch.

Aug 12, 20258 min read
open-source-security (Page 24) — Safeguard Blog