Dependency cooldowns: a simple supply chain fix
Learn how dependency cooldowns protect against supply chain attacks by delaying automatic adoption of new package versions.
Archived
Handling Log4Shell vulnerability
Summarizing the current state of advice regarding the Log4j vulnerability.