Show HN: Hagana – Runtime protection for Node.js to block supply chain attacks https://ift.tt/ozbEwMx

Show HN: Hagana – Runtime protection for Node.js to block supply chain attacks I recently came across an amazing post that really emphasizes the dangers associated with installing npm packages. It seems that every week a new supply chain attack occurs. In my opinion, the existing solutions for this don't quite cut it so I decided to create a library which provides runtime protection for Node. It currently protects against: - Unauthorized file system access - Unauthorized network access - Unauthorized command execution - (by way of exec/spawn) I just released the first beta version of the library and I'd love to hear what you guys think. Note: Protection is still missing for post/pre install scripts, but that's up next. https://ift.tt/Ez1Nbs5 June 22, 2022 at 05:59AM