Gergely Orosz
gergely.pragmaticengineer.com
did:plc:3n5xhy6vl7smssmwxq5wgqa6
Supply chain attacks are becoming more frequent, and far more serious.
What are sensible practices to protect against these when using Node or Python packages?
I assume pinning versions is the bare minimum; for those with security teams / tools: what else do you do / can you do?
2026-03-31T07:29:41.793Z