It’s challenging to keep up with the best cybersecurity practices, as recommended security measures change quickly and often. Thankfully, Bitbucket offers simple ways to maintain safe code. Although the specifics vary, the following best practices apply to almost any git repository.
1. Change Keys, Tokens and Passwords Often
Security begins at login, so information…
Software Solutions
Supply Chain Attacks – Defend Against Dependency Substitution and Typosquatting
If you’ve referenced open-source software in your software development process, you’ve relied on code published to public repositories as “packages”. These packages can be an attack vector when a malicious actor uses Dependency Substitution or Typosquatting to create a supply chain attack. Those packages are downloaded and installed by a package manager. Each programming language…
Docker Vulnerabilities and Security Risks
Since 2013, Docker has enabled rapid development and deployment of web applications. With its innovative approach to containers, Docker also pioneered a way to distribute highly secure applications. Nonetheless, security is never perfect. With even the most popular Docker images containing vulnerabilities or malware, a hard look at Docker security issues is a wise move…
Node.js Versioning
Node.js versioning is an essential skill for developers aiming to rapidly deploy secure web apps. Read about the tools that tame version management.
Change Node Versions
Changing Node versions and npm registries in a development environment is easy with the right tool.
BSD vs MIT License
The BSD vs MIT license contest has a lively history. Learn about the high-stakes gambles and exasperating missteps behind the leading FOSS licenses.
Bower vs NPM
Compare Bower vs NPM to understand the advantages and disadvantages of each package manager and decide which is best for your business’s needs.
What Is Bower Used For?
Bower was once the most popular front-end package manager to use for web development projects. It took the legwork out of finding, installing, and saving appropriate versions of external software packages. Bower was built at and released by Twitter in 2012. The creators’ goal was to automate some necessary tasks related to dependency management to…
npm vs Yarn
npm vs Yarn: The JavaScript package manager contest rolls on. Learn about these tools and why the need for Software Composition Analysis is as vital as ever.
What Is Bower?
What is Bower, and what are the alternatives to this popular but deprecated package manager? Learn the past and future of client-side dependency management.