Gergely Orosz
gergely.pragmaticengineer.com
did:plc:3n5xhy6vl7smssmwxq5wgqa6
Supply chain attacks are happening left and right with npm, PyPI and so many other places. It seems to be getting worse, everyone agrees.
But what can you do about it?
Some thoughts on possible approaches (all have tradeoffs).
What did I miss? And what vendors actually work?
2026-05-12T06:37:05.179Z