Tag
source-code-management
Safeguard articles tagged "source-code-management" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Software Supply Chain Security
Repository health and source-code manager (SCM) risk
Repository health—branch protection, stale permissions, leaked secrets, OAuth grants—is a supply chain risk AppSec scanners like Checkmarx can't see. Here's why it matters.
Jun 23, 20268 min read
Application Security
Cheat sheet: 10 Bitbucket security best practices
A concrete, numbers-first cheat sheet covering the 10 Bitbucket security settings that stop misconfigurations from becoming supply chain breaches.
May 23, 20266 min read
Vulnerability Analysis
Git Argument Injection via Crafted SSH URL (CVE-2017-1000...
CVE-2017-1000117 let a malicious repo run code on anyone who cloned it via a crafted ssh:// URL. Impact, affected Git versions, CVSS, and fixes.
Nov 28, 20258 min read