Hi all,
in case you haven't already seen/read it yourselves, here [0] FYI
"Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies"
--> the tool confused ("... checking for lingering free namespaces for private package names referenced in dependency configuration ...") can be found at [1]
- Python (pypi) - JavaScript (npm) - PHP (composer)
Best regards,
Bernd
[0] https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610
[1] https://github.com/visma-prodsec/confused