
Programmer Introspective
Signing is Just the Start
Socket provides an introspective on code signing in relation to the supply chain incident from SolarWinds.
May 3, 2023
The Socket GitHub app now runs Project Health Reports on the default branch instead of in pull requests. Previously, Project Health Reports were only run in the pull request context, alongside pull request alert scanning. After usage feedback and building a better understanding of how these reports are being used, we decided to run them on all new commits created on the default branch of repositories.
Changelog
The Socket blog now offers both full content Atom and JSON feeds which let you subscribe to all future Socket blog posts.
Application Security
Socket explains the newly released npm provenance provided by GitHub.