
Securing Your GitHub Repository: Supply Chain Security for Static Sites
Before we dive in: this post was directly inspired by the recent Trivy compromise incident, which impacted my workplace and forced me to reassess how exposed we really are to supply chain vulnerabilities. That incident was the wake-up call that pushed me to harden this repository at the source-control and build-pipeline level, not just at runtime. There is an assumption that most developers carry around in the back of their minds. It sounds something like: “I’m just a personal blogger. Nobody is targeting me.” ...