/mf2/2025/12/fa7vm/ · Jamie Tanna

Reposted Jordan Harband (@jordan.har.band)

Post details

I made something new: an eslint plugin to validate your npm ecosystem lockfiles! It supports npm, pnpm, yarn, bun, and vlt, and it's already helped find a supply chain security attack vector inside a fortune 500 tech company. https://www.npmjs.com/package/eslint-plugin-lockfile

Mon, 22 Dec 2025 08:00 by Jamie Tanna .

This post was filed under reposts.

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.