Tag
package-json
Safeguard articles tagged "package-json" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Open Source
npm run dev: What It Does and How to Run It Safely
npm run dev starts your project's development server via a script in package.json. Here is what actually happens under the hood and the security risks worth knowing.
Oct 12, 20256 min read
Open Source
npm run: How Scripts Work and How to Use Them Safely
npm run executes the scripts defined in your package.json. Here is how it resolves commands, the lifecycle hooks that run automatically, and the supply-chain risks to watch.
Jan 22, 20256 min read