Revisiting a 2019 npm Supply Chain Warning
A look back at a 2019 proof of concept about malicious npm packages and how npm supply-chain attacks later made developer machines the target.
Security
Security
Notes from HODL Labs on software supply chains, developer environments, dependency risk, and practical security decisions that affect real products.
Articles
Writing on software security and the systems developers depend on.