If you’ve referenced open-source software in your software development process, you’ve relied on code published to public repositories as “packages”. These packages can be an attack vector when a malicious actor uses Dependency Substitution or Typosquatting to create a supply chain attack. Those packages are downloaded and installed by a package manager. Each programming language…
Open Source Software
Docker Vulnerabilities and Security Risks
Since 2013, Docker has enabled rapid development and deployment of web applications. With its innovative approach to containers, Docker also pioneered a way to distribute highly secure applications. Nonetheless, security is never perfect. With even the most popular Docker images containing vulnerabilities or malware, a hard look at Docker security issues is a wise move…
Node.js Versioning
Node.js versioning is an essential skill for developers aiming to rapidly deploy secure web apps. Read about the tools that tame version management.
What Is Bower?
What is Bower, and what are the alternatives to this popular but deprecated package manager? Learn the past and future of client-side dependency management.
Managing OSS for Mergers and Acquisitions
In today’s software industry, mergers and acquisitions are a frequent occurrence. Some have even said they’re “the name of the game” in the software industry. While larger companies often acquire smaller ones, it isn’t at all uncommon for the opposite to occur, so no matter how large or…
Open Source Licenses Types and Issues (OSS)
Currently, open source software (OSS) license usage not only represents an ever-growing portion of the software market, but is nearly a necessity of doing business and developing modern software. Utilizing OSS allows companies to leverage the work of large communities and benefit from the collaboration of those communities’ users to create better software with…