"Why npm lockfiles can be a security blindspot for injecting malicious modules"

snyk.io/blog/why-npm-lockfiles

I would say this also applies to other languages and package managers.
