DEV Community

# supplychain

Posts

đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.
Bumblebee vs OSV-Scanner: Two Takes on Supply Chain Scanning
alanwest profile

Bumblebee vs OSV-Scanner: Two Takes on Supply Chain Scanning

#security #supplychain #devops #npm
1
Comments
4 min read
npm Supply Chain Audit: The Checklist Most Teams Stop Too Early
piiiico profile
Pico

npm Supply Chain Audit: The Checklist Most Teams Stop Too Early

#npm #security #javascript #supplychain
Comments
6 min read
Four iteration rounds on a security scanner I run, all of them visible. Here is what the loop actually looks like.
michael_onyekwere profile

Four iteration rounds on a security scanner I run, all of them visible. Here is what the loop actually looks like.

#security #supplychain #mcp #npm
Comments
11 min read
FrontGate: a Lightweight Package Proxy for Supply Chain Security
maxkrivich profile

FrontGate: a Lightweight Package Proxy for Supply Chain Security

#supplychain #governance #security #ai
Comments
2 min read
PCB Shortage Warning: Iran-Saudi Conflict Drives 40% Price Increase — What Hardware Engineers Need to Know
abc_8b09c7009ee0029b85665 profile

PCB Shortage Warning: Iran-Saudi Conflict Drives 40% Price Increase — What Hardware Engineers Need to Know

#hardware #electronics #supplychain #manufacturing
Comments
2 min read
Supply Chain Data Flow: Why Errors Happen in ERP Systems
merbayerp profile

Supply Chain Data Flow: Why Errors Happen in ERP Systems

#tutorials #erp #supplychain #dataflow
Comments
7 min read
node-ipc Had a 69 Trust Score Before It Got Hacked. TanStack Had 91.
piiiico profile
Pico

node-ipc Had a 69 Trust Score Before It Got Hacked. TanStack Had 91.

#npm #security #supplychain #javascript
Comments
4 min read
GitHub No Fue Hackeado, Pero Tu Pipeline SĂ­ PodrĂ­a Serlo: Lo Que Revelan Grafana, CISA y Shai-Hulud 2.0
guayoyo_tech profile

GitHub No Fue Hackeado, Pero Tu Pipeline SĂ­ PodrĂ­a Serlo: Lo Que Revelan Grafana, CISA y Shai-Hulud 2.0

#cybersecurity #github #devops #supplychain
Comments
7 min read
GitHub Wasn't Hacked, But Your CI/CD Pipeline Might Be: Lessons from Grafana, CISA, and Shai-Hulud 2.0
guayoyo_tech profile

GitHub Wasn't Hacked, But Your CI/CD Pipeline Might Be: Lessons from Grafana, CISA, and Shai-Hulud 2.0

#cybersecurity #github #devops #supplychain
Comments
6 min read
The 4 Hidden Bottlenecks in the GLP-1 Supply Chain
harryfloyd profile

The 4 Hidden Bottlenecks in the GLP-1 Supply Chain

#biotech #pharma #supplychain #analysis
Comments
3 min read
Software Supply Chain Security: SBOM, SLSA & Sigstore
instadevops profile

Software Supply Chain Security: SBOM, SLSA & Sigstore

#security #supplychain #sbom #devops
Comments
2 min read
Causa GitHub, or: Your Editor Extensions Run as You
vivian-voss profile

Causa GitHub, or: Your Editor Extensions Run as You

#security #supplychain #vscode #devsecops
Comments 1
5 min read
The TanStack Attack: How a Worm Slipped Through the npm Pipeline
guayoyo_tech profile

The TanStack Attack: How a Worm Slipped Through the npm Pipeline

#security #devsecops #npm #supplychain
Comments
6 min read
The MCP package looked clean. The installed tree did not.
oleg_gr_734317a4bae97cee4 profile

The MCP package looked clean. The installed tree did not.

#security #ai #mcp #supplychain
1
Comments
2 min read
npm Is on Fire: Why the Architecture Is the Product
vivian-voss profile

npm Is on Fire: Why the Architecture Is the Product

#npm #supplychain #security #freebsd
Comments
10 min read
đź‘‹ Sign in for the ability to sort posts by relevant, latest, or top.