-
> Most package pages on the npm registry have a link to a source repository, but this information isn’t verified and doesn’t point at any specific commit. With the [code explorer](https://github.blog/…
-
Wikipedia references:
* https://en.wikipedia.org/wiki/Information_security
* https://en.wikipedia.org/wiki/Information_security_audit
* https://en.wikipedia.org/wiki/Attribute-based_access_contro…
-
## Is your feature request related to a problem?
We currently allow pushing a gem that has unresolved dependencies
## Describe the solution you'd like
We should stop allowing it
## Addit…
-
### Description
Hello guys, I have a piece of code in my app which calls a SOAP service using a WCF client and certificate authentication.
This code works fine in .net8.0, but after upgrading to .net9…
-
## Vulnerabilities found for katib-controller:v0.17.0
```
For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your …
```
-
https://www.securityinfowatch.com/cybersecurity/article/53078295/security-breach-at-johnson-controls-highlights-smart-building-supply-chain-concerns
-
## Vulnerabilities found for file-metrics-collector:v0.17.0
```
For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in…
```
-
### Describe the bug
This issue outlines security issues that need to be addressed prior to the re-launching of MetaMask Desktop (if we do decide to re-launch it).
### Issues
- Supply chain a…
-
Reopening this since Polyfill is just closing issues in an attempt to cover this up.
https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites…
-
I'm a Cyber Security researcher and developer of PackjGuard [1] to address open-source software supply chain attacks.
# Issue
During my research, I detected a _deleted package_ in this repository.
…