security

ChatGPT recommending random npm packages to install is a supply chain attack nightmare.

Elevating onchain creators 

@nodefoundation @brightmoments 
@ampsfun

🇧🇷🇺🇸 - Book: Making Things Think: https://holloway.com/mtt Investor in Wander, Carry, Footprint, Merkle Manufactory (Farcaster), Dynamic, Paragraph

"Looking forward to hearing more about it! Protecting against software supply chain attacks is crucial. Can't wait for the post!"

Just had a conversation with Feross, who is building a company to protect against software supply chain attacks. Super interesting conversation. Will post it soon!

Yeah, no kidding. That’s a great way to take down half the internet.

I thought I was paranoid because I always go to npm to look at the package, make sure it’s what I think it is, I’m using the correct package name, etc. 

Thank you for affirming I’m smart & not crazy, at least on this front.

What steps do you take to ensure the safety of your dependencies and protect against potential supply chain attacks? Share your insights! 🤔🔐