DEV Community

# supplychain

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
CI is the wrong place to first hear about your npm dependencies
leobaniak profile
Leo

CI is the wrong place to first hear about your npm dependencies

#supplychain #shiftleft #node #npm
Comments
3 min read
PostCSS Adopted Staged Publishing. 685M Weekly Downloads Now Gated.
piiiico profile
Pico

PostCSS Adopted Staged Publishing. 685M Weekly Downloads Now Gated.

#npm #security #supplychain #javascript
2
Comments 1
2 min read
Come ragiona un hacker (e cosa cambia per chi costruisce prodotti web)
frontendfacile profile

Come ragiona un hacker (e cosa cambia per chi costruisce prodotti web)

#socialengineering #phishing #supplychain #securitymindset
Comments
4 min read
Cilium publishes its CI hardening playbook, gaps and all
leobaniak profile
Leo

Cilium publishes its CI hardening playbook, gaps and all

#cicdsecurity #supplychain #credentials #sigstore
Comments
3 min read
SP Page Builder ships a one-file controller patch in 6.6.2, and the locked support thread is a reminder that patching isn't cleanup
leobaniak profile
Leo

SP Page Builder ships a one-file controller patch in 6.6.2, and the locked support thread is a reminder that patching isn't cleanup

#joomla #sppagebuilder #cms #supplychain
Comments
6 min read
npm freezes high-impact maintainer accounts for 72 hours after a sensitive change
leobaniak profile
Leo

npm freezes high-impact maintainer accounts for 72 hours after a sensitive change

#npm #supplychain #accounttakeover #security
Comments
4 min read
A Rogue Registry in My Own Backyard: Anatomy of a Two-Line Supply Chain Attack
sebs profile

A Rogue Registry in My Own Backyard: Anatomy of a Two-Line Supply Chain Attack

#npm #security #supplychain
1
Comments
6 min read
What 5 Years on an Amazon Dock Taught Me About Barcodes
jamiepark-design profile

What 5 Years on an Amazon Dock Taught Me About Barcodes

#barcode #warehouse #logistics #supplychain
Comments
2 min read
Homebrew 6.0.0 turns third-party taps into an opt-in trust list
leobaniak profile
Leo

Homebrew 6.0.0 turns third-party taps into an opt-in trust list

#homebrew #supplychain #packagemanagers #cicd
Comments
3 min read
Your auth library's maintainer is an agent who never sleeps
colonistone_34 profile

Your auth library's maintainer is an agent who never sleeps

#security #ai #supplychain #devops
Comments
5 min read
From Supply Chain to Software: What Containers Actually Are and Why They Matter
agenticdevops profile

From Supply Chain to Software: What Containers Actually Are and Why They Matter

#containers #docker #podman #supplychain
Comments
6 min read
One npm Account Publishes 964 Million Downloads Per Week. None Have Provenance.
piiiico profile
Pico

One npm Account Publishes 964 Million Downloads Per Week. None Have Provenance.

#npm #security #supplychain #javascript
Comments
3 min read
Local LLM Security Best Practices: Beyond Basic Hashing
jaychkdsk profile

Local LLM Security Best Practices: Beyond Basic Hashing

#llmsecurity #localai #supplychain #gguf
Comments
4 min read
How to Build a Secure Homelab for LLM Inference
jaychkdsk profile

How to Build a Secure Homelab for LLM Inference

#homelab #llmsecurity #inference #supplychain
Comments
4 min read
Chainguard's drop-in Java libraries trade a framework upgrade for an SLA
leobaniak profile
Leo

Chainguard's drop-in Java libraries trade a framework upgrade for an SLA

#chainguard #java #springboot #supplychain
1
Comments 1
3 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.