Show HN: DepsGuard – One command to harden NPM/pnpm/yarn/bun/uv configs
39 points by eranation
by jcjmcclean
1 subcomments
I love this! Although I've already gone through and made manual updates, I'll still give this a try. It's worth it even just to verify that I haven't missed anything. Thanks for sharing.
by drcongo
1 subcomments
I tried this out after finding it in one of your comments yesterday. The good: it set some values in global config files for me, which was handy. The not so good: I still haven't managed to make it find any project-level configs. Either way, it's a nice little tool, thanks.
by craftedcode
1 subcomments
The "did it save someone from a supply chain attack? Also probably yes" line is great. The problem with security tooling is exactly this — you never see the attack you prevented.