The Missing Manual

⌘K

Supply-Chain Security

Overview
1 · Your code is mostly other people's code
2 · Pinning, scanning, and seeing what you ship
3 · The terrible day, and what stops it

All topics / Supply-Chain Security

Supply-Chain Security

Your dependencies are your attack surface: the npm install that owned you, lockfiles, typosquatting, and how to trust code you did not write.

Your code is mostly other people's code
Pinning, scanning, and seeing what you ship
The terrible day, and what stops it

The Missing Manual

Sponsored by KeepITLocaland OMNIS-X

Free forever

About Glossary Train Review

esc

Topics

Logic

Topic

Mathematics

Topic

Physics

Topic

Operating Systems

Topic

Hardware

Topic

Networking

Topic

Programming Concepts

Topic

Programming Languages

Topic

Frameworks & Libraries

Topic

Version Control

Topic

Debugging & Troubleshooting

Topic

Testing

Topic

Databases

Topic

Data & Analytics

Topic

APIs & Integration

Topic

Architecture

Topic

DevOps

Topic

Infrastructure & Cloud

Topic

Performance

Topic

Security

Topic

AI & Machine Learning

Topic

Tools & Workflow

Topic

Pages

Home

Page

About

Page

Contribute

Page

Subscribe via RSS

Page

↑↓ navigate ↵ open Ctrl+K toggle