-
**Is your feature request related to a problem? If so, please give a short summary of the problem and how the feature would resolve it**
Having a supply chain analysis solution to identify potential …
-
`dependency-guard` does an awesome job of protecting projects from unwanted dependency changes.
But this way we know nothing about the actual dependency content and cannot protect against malicious…
amal updated
9 months ago
-
### Description
As a user of the Cacti npm packages I want to see on npmjs.com that the cacti packages are signed so that I have a layer of extra security against supply chain attacks that I can leve…
-
Looking to gather thoughts on how best to ensure I'm not the critical blocker on further changes to this library.
Unfortunately a temporary burnout with PdfPig seems to be more or less permanent an…
-
> In some of the instances that we checked, the Argo CD server was exposed and only required a username and a password for gaining access.
From: https://www.trendmicro.com/vinfo/us/security/news/vu…
-
### Issue Type
Maven dependencies
### Issue Description
There are *lots* of Maven dependencies which link to random servers across the world. Most of which have no disclosure statements about priva…
-
In hackathons there are often submissions that generate proofs, but can be misused to either prove different things or not uniquely prove what their solution proposes. Allowing a bad actor to either a…
jzaki updated
2 months ago
-
### Type
Documentation Issue Report
### What would you like to report?
I would like to report the following issue/feedback
I am not an ML person but feel that the OWASP Machine Learning Securit…
-
**Is your feature request related to a problem? Please describe.**
At the moment when results are reported, the report only includes the offending sink workflow/action file. For instance, if you run …
-
We have performed the static code analysis for the unmanaged C++ DLL.
It reported the below error
Error BA2004 'ts2coreD.dll' is a native binary that directly compiles and links one or more obje…