How Much Of A Library Do You Actually Use?
Analyzes how much of a library's functionality is actually used, arguing for building small utilities yourself with AI assistance.
Analyzes how much of a library's functionality is actually used, arguing for building small utilities yourself with AI assistance.
Guide on identifying third-party apps with poor authentication in Microsoft Entra to prevent supply chain attacks.
Explains dependency cooldowns, a strategy to reduce supply chain attack risk by delaying automatic dependency updates.
A detailed timeline of the multi-year social engineering attack that led to a backdoor in the xz compression library, a major open source supply chain incident.
Article critiques modern package managers (npm, Cargo, PyPI) for supply-chain attacks and advocates for distribution-based package management.
A developer shares a list of their recent tech conference talks on topics like Kubernetes security, WebAssembly, and Docker.
A developer's predictions for the future of computing, covering WASM, Rust, Kubernetes rivals, serverless, AI, and programming language trends.