What are Weak Links in the npm Supply Chain?

19 December 2021

Papers citing "What are Weak Links in the npm Supply Chain?"

4 / 4 papers shown

Title
An Industry Interview Study of Software Signing for Supply Chain Security Kelechi G. Kalu Tanya Singla C. Okafor Santiago Torres-Arias James C. Davis 78 6 0 12 Jun 2024
Containing Malicious Package Updates in npm with a Lightweight Permission System G. Ferreira Limin Jia Joshua Sunshine Christian Kastner 33 47 0 08 Mar 2021
Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks Marc Ohm H. Plate Arnold Sykosch M. Meier 57 201 0 19 May 2020
Small World with High Risks: A Study of Security Threats in the npm Ecosystem Markus Zimmermann Cristian-Alexandru Staicu Cam Tenny Michael Pradel 74 224 0 25 Feb 2019