Featured
Posted by Crista Perlton on March 27th, 2025.
Your development team pulls a package from a ProGet feed connected to npmjs.org. It seems pretty straightforward and routine, until you later discover the package contains known vulnerabilities, leaking sensitive user data. OSS registries can be unpredictable: some packages are reliable, others… not so much. Without proper...
Featured
Posted by The Inedo Team on March 25th, 2025.
Success in software development isn’t just about writing awesome code. It’s about always getting better, reflecting on what works, and having a culture that really values these things. At Inedo, we embrace the philosophy of Chowa, a Japanese term for balance and harmony. One of the key pillars of this is Kaizen (Continuous...
Featured
Posted by Iris Chubb on March 25th, 2025.
Poor visibility into Jenkins installs and projects creates chaos, can disrupt work, and increases risk.
Featured
Posted by Crista Perlton on March 21st, 2025.
Managing your project’s npm packages starts out simple. But as the project grows, not only does the number of packages grow, but so do their dependencies, each with different licenses that may or may not align with your organization’s policies. Assessing them is tedious and time-consuming, and without clear oversight, it’s easy for things to...
Featured
Posted by The Inedo Team on March 20th, 2025.
In 2024, we conducted a survey on Software Supply Chain Security, receiving responses from over 1,000 professionals. We published the results as the 2024 State of Software Supply Chain Security Report. The report was well received, with overwhelmingly positive feedback. Readers appreciated the benchmark insights, and the findings sparked...
Featured
Posted by Crista Perlton on March 18th, 2025.
Your PowerShell modules are an integral part of your development process. Learn how to care for, create, and get the most out of your PowerShell modules.
Featured
Posted by Crista Perlton on March 13th, 2025.
An npm package versioned 1.4.5 doesn’t tell you much – certainly not whether it’s stable or what it’s supposed to do. Without context, it’s all too easy to misinterpret the purpose of a build, and this confusion leads to dependency issues, broken builds, or even runtime errors. Worst-case scenario? Unstable...
Featured
Posted by Crista Perlton on March 7th, 2025.
You’ve seen vulnerability assessments pop up while managing npm packages in ProGet. Running npm audit sparks questions about what vague warnings like “high-severity” actually mean for your applications, leaving you stuck making calls with little context. On top of that, floods of security notifications and...