This is why @pnpmjs's latest v11 release was the top story in Socket Weekly this past week - it includes smart defaults that put roadblocks in front of attacks like this.
Hard to imagine a more relevant release for this week’s supply chain chaos. 🔮
Everyone is tweeting out "use pnpm & set a minimumReleaseAge of 7 days",
but don't forget blockExoticSubdeps, which would also prevent the usage of a remote GitHub reference here!
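For readers who want the two settings side by side, here is an added example of a `pnpm-workspace.yaml` with both enabled. This is not from the original post or from the pnpm project; it assumes pnpm reads these settings from `pnpm-workspace.yaml` (as pnpm v10+ does) and that `minimumReleaseAge` is expressed in minutes, so 7 days is 7 × 24 × 60 = 10080.

```yaml
# pnpm-workspace.yaml (added example, not from the post)

# Refuse to resolve any package version published less than 7 days ago.
# Value is in minutes (assumption: 7 days = 10080 minutes).
minimumReleaseAge: 10080

# Refuse git / tarball / URL references in transitive dependencies,
# e.g. a subdependency pointing at a remote GitHub repo.
blockExoticSubdeps: true
```

After adding these, run `pnpm install` and expect resolution to fail loudly (rather than silently pulling in a fresh or exotic dependency) when a transitive dependency violates either rule; that failure is the roadblock the post refers to.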