Category
55 posts in this category.
Technical explainer
Gradle evaluates your build script and every applied plugin as code at configuration time, and it resolves from two registries — Maven Central for dependencies and the Gradle Plugin Portal for plugins. Why securing gradle build needs dual-origin gating.
Technical explainer
Maven’s defining supply-chain weakness is that, by default, there is no lockfile — version ranges and SNAPSHOTs resolve to whatever the repository serves. How verification-metadata, settings.xml mirrors, and an additive gate close the gap.
Technical explainer
NuGet has its own install-time execution (legacy install.ps1 and modern .targets/.props MSBuild injection), a real dependency-confusion history, and packages.lock.json for integrity. How the V3 protocol makes gating dotnet restore practical.
Technical explainer
gem install runs arbitrary code through native extensions (extconf.rb) — an install-time vector older than npm’s postinstall. What Gemfile.lock’s newer CHECKSUMS section adds, and how a single-host mirror gates bundle install.
Technical explainer
Rust is memory-safe, not supply-chain-safe. build.rs and proc-macros execute arbitrary code during cargo build, crates.io is a two-host registry, and Cargo.lock pins integrity but not trust. How dual-origin gating intercepts the .crate.
Technical explainer
Go has no postinstall scripts and a public checksum database — but go.sum proves integrity, not safety. How GOPROXY, the sumdb, and an install-time gate cover the gaps a typosquat or compromised maintainer leaves open.
Technical explainer
npm audit checks against known CVE databases and misses every zero-day supply chain attack. Here's exactly what npm audit does, its false positive problem, and how to use it correctly.
Technical explainer
Vibe coding ships fast because you stop reading the package list. That’s fine — until your AI coding assistant hallucinates a package name an attacker already registered, or a postinstall script scrapes your SSH keys. Here’s the threat model for AI-assisted devs and the one-line fix.
Technical explainer
GitHub Actions workflows are a prime target for supply chain attacks. Here's how to secure your npm and Python installs, pin action versions, and use Veln in CI.
Technical explainer
AI coding assistants occasionally invent package names that sound plausible but don’t exist. Attackers register the popular hallucinations within hours. Here’s the threat shape and how to defend against an attack class that didn’t exist three years ago.
Technical explainer
Your laptop has 23 abandoned side projects. Each has a node_modules from last year. The risk isn’t the package you install today — it’s the malicious code that’s been sitting on your disk since last summer, two AI tools and three editors ago.
Technical explainer
Your CI pipeline installed a malicious npm or Python package. Here's the exact incident response process: what to investigate, what to rotate, and how to prevent recurrence.
Technical explainer
AI coding tools in agent / auto-commit modes can run npm install autonomously. The trust delegation chain has a new link in it. Here’s what changes when the AI is the one typing the install command, and where to put the check.
Technical explainer
uv, pip, and poetry have different security properties. Here's a comparison of lockfile security, hash verification, and supply chain protections for each Python package manager.
Technical explainer
Your laptop has your personal stuff. Your CI has your production keys. The same malicious npm package, run in the same workflow, has very different consequences on each. Here’s why CI is the higher-value target — and the smaller checklist to harden it.
Technical explainer
Before you accept your AI assistant’s npm install suggestion, five things you can check in under a minute. Most catch the common slopsquats. The rest is what tooling automates.
Technical explainer
npm now supports build provenance via Sigstore. Here's what it is, how it works, what attacks it prevents, and where it leaves gaps that Veln fills.
Technical explainer
Modern npm/PyPI malware doesn’t drop ransomware. It harvests developer credentials. Here are the exact files attackers target on a vibe coder’s laptop and the patterns that appear in every recent incident.
Technical explainer
If you publish npm packages, here's how to protect your account, secure your CI publishing pipeline, avoid patterns that trigger security scanners, and use npm provenance.
Technical explainer
pip installs run arbitrary Python at install time. Wheels can ship native code that runs the moment they’re unpacked. uv is faster but doesn’t change the trust model. Here’s what you’re actually running when you pip install.
Technical explainer
A deep dive into securing Python package installs in Docker: multi-stage builds, non-root users, read-only filesystems, Buildkit secrets, and Veln in CI.
Technical explainer
ML and AI projects are uniquely exposed to supply chain attacks: large dependency trees, frequent new packages, cloud credentials, and model weights. Here's how to protect them.
Technical explainer
Your AI assistant suggests left-pad@latest. Latest was published yesterday by an account that wasn’t the maintainer last week. AI assistants have no concept of maintainer churn. Here’s why that’s the failure mode behind every hijack of the last five years.
Technical explainer
Python virtual environments isolate packages between projects but don't protect against malicious packages. Here's what venv actually does for security and what additional steps are needed.
Technical explainer
npm scopes (@company/package) are your first line of defense against dependency confusion attacks. Here's how to configure them correctly and what can still go wrong.
Technical explainer
The advice to use the latest version comes from a different era. In an era of supply-chain attacks, the newest release is the one with the least vetting time. Here’s how to think about version selection for AI-assisted projects.
Technical explainer
A review of the current state of npm and PyPI security in 2026: what's improved, what remains broken, the most common attack patterns, and where the gaps still are.
Technical explainer
AWS credentials are the most commonly targeted secret in npm and PyPI supply chain attacks. Here's the specific patterns attackers use, why AWS is targeted, and how to protect your credentials.
Technical explainer
Your CI passes, your tests pass, but every time you wipe and reinstall, you re-pull the entire dependency tree from the live registry. If anything was hijacked between last install and this one, this is where you catch it — or don’t.
Technical explainer
Abandoned and under-maintained npm and PyPI packages are a primary supply chain attack vector. Here's why maintainer burnout creates security risk and what developers can do about it.
Technical explainer
Private npm and PyPI registries (Artifactory, Nexus, Verdaccio) introduce unique security risks. Here's how to configure them securely and what Veln adds.
Technical explainer
npm automation tokens with full account access are the norm. Here's how to use granular npm access tokens, scope them to specific packages, and limit the blast radius if a token is stolen.
Technical explainer
You have a 12-person team, a CI bill, and a security budget that has to fight for line items. Here is the ROI math, the alternatives compared, and the specific failure modes that would otherwise show up on your post-mortem.
Technical explainer
CI caches for npm and Python can persist malicious packages across builds and across time. Here's which caching strategies are safe, which are risky, and how to configure them correctly.
Technical explainer
A practical walk-through of npm’s dependency resolver: how SemVer ranges become resolved versions, when nested copies appear in node_modules, and why reading a package-lock.json diff is the only reliable supply-chain review.
Technical explainer
Monitoring outbound network traffic from your CI pipelines and developer machines is one of the most effective after-the-fact detections for supply chain attacks. Here's how to set it up.
Technical explainer
Using ^ and ~ in package.json lets npm automatically install new minor and patch versions. Here's why this creates a supply chain attack surface and how to use semver safely.
Technical explainer
Solo founder, two AI assistants, eleven side projects, one real revenue stream. Here is the smallest set of supply-chain hardening you can apply in half an hour and the specific incidents it would have prevented.
Technical explainer
Transitive npm dependencies are the primary supply chain attack surface, not direct dependencies. Here's why, how deep dependency trees amplify risk, and what to do about it.
Technical explainer
Before installing a Python package, you can verify its publisher, release history, download counts, and source code. Here's a step-by-step manual verification process and what Veln automates.
Technical explainer
npm lifecycle scripts and Python build hooks execute shell commands. Here's how the shell execution works, what escape vectors exist, and how Veln catches shell-based supply chain attacks.
Technical explainer
When the procurement form lands, you have 15 questions and a Slack thread. Here are the 20 things you actually need to verify before buying, organized by attack class, and what answers should make you walk away.
Technical explainer
Unexpected license changes in transitive npm and Python dependencies can signal a supply chain compromise. Here's how license verification fits into your security posture.
Technical explainer
LLMs like GPT-4 and Claude sometimes recommend npm and Python packages that don't exist. Attackers register those package names. Here's the risk and how to protect yourself.
Technical explainer
pip’s backtracking resolver is what decides which version of every Python package gets installed. Here is how it works, what changed in pip 20.3, and how to make builds reproducible with hashed lockfiles.
Technical explainer
The lockfile is the source of truth for what your build will install. A field-by-field walk-through of package-lock.json so the next thousand-line lockfile diff in code review is readable in minutes.
Technical explainer
Dependency confusion lets attackers serve malicious packages to your developers by exploiting how npm and pip resolve package names. Here's the exact mechanism, real examples, and defenses.
Technical explainer
npm ci installs strictly from package-lock.json with integrity verification on every package. A small command change with outsized benefits for build reproducibility, performance, and supply-chain hygiene.
Technical explainer
Most supply chain attacks on npm and PyPI have an exposure window of hours to days before threat feeds catch up. Here's what that window looks like, who is most at risk, and what actually closes it.
Technical explainer
npm install executes arbitrary code from the internet with no verification. Here's why that's true by design, what the consequences are, and how Veln adds the verification layer npm doesn't have.
Technical explainer
pip-compile --generate-hashes plus pip install --require-hashes gives you the Python equivalent of npm ci: byte-identical wheels across machines and refusal to install if any artifact’s hash does not match.
Technical explainer
Three Software Bill of Materials formats compete for the same shelf. Here is what each format is good at, where it is used, and how to pick one without overthinking it.
Technical explainer
npm postinstall is the most common code-execution surface for malicious packages. A taxonomy of the patterns observed in the wild — credential exfiltration, downloaded payloads, obfuscated runtime, conditional triggers — and what reliably catches each one.
Technical explainer
Sigstore replaces long-lived signing keys with short-lived OIDC-issued certificates and a public transparency log. This is the foundation under npm provenance and PyPI Trusted Publishing — here is how the trust chain actually works.
Technical explainer
Trusted Publishing replaces long-lived publish tokens with short-lived OIDC identity assertions from your CI workflow. Setup takes 30 minutes and removes the most-stolen credential class from your infrastructure.