Vishal Garg
Is Software Supply Chain Security More Than Just Open-Source and SBOMs?
If software supply chain security is not about open-source and SBOMs, what else is there to consider? In fact, a lot more!
Nov 13, 2023

Andreas Sommarström
How to Avoid the (npm) dependency trap
With the dust settling one week after the UA-parser-js incident, it’s the perfect opportunity to take some time and see what we can learn…
Nov 1, 2021

In MOSTLY HARMLESS by Rushi Luhar
Do you know your dependencies?
A contributor on GitHub finds an abandoned, but popular JS library and commits code that targets a Bitcoin wallet made by a particular…
Nov 27, 2018

Sumant Mishra
NPM: devDependencies vs dependencies in package.json
In a Node JS application, package.json is very important as it contains all metadata information about that Project or application. This…
Jul 5, 2019

In JavaScript in Plain English by Abhishek Singh
Different types of dependencies in a Node.js application explained
In the cycle of creating or using node js projects every developer once in a while encounters the phrases like:
Dec 23, 2019