Standard Search
About 112 results
Supply Chain Security Tools for Ruby
https://nesbitt.io/2025/12/14/supply-chain-security-tools-for-ruby.html · 14 Dec 2025
Ruby implementations of PURL, VERS, SBOM, SWHID, and SARIF specs.
ruby sbom package-managers tools
Slopsquatting meets Dependency Confusion
https://nesbitt.io/2025/12/10/slopsquatting-meets-dependency-confusion.html · 10 Dec 2025
LLMs can leak internal package names, making dependency confusion attacks easier to scale.
security package-managers
Why I'm Fascinated by Package Management
https://nesbitt.io/2025/12/09/why-im-fascinated-by-package-management.html · 9 Dec 2025
From gaming magazine CDs to dependency graphs
package-managers history dependencies
GitHub Actions Has a Package Manager, and It Might Be the Worst
https://nesbitt.io/2025/12/06/github-actions-package-manager.html · 6 Dec 2025
GitHub Actions has a package manager that ignores decades of supply chain security best practices: no lockfile, no integrity verification, no transitive pinning
package-managers github git
Package Manager Design Tradeoffs
https://nesbitt.io/2025/12/05/package-manager-tradeoffs.html · 5 Dec 2025
Design tradeoffs in package managers
package-managers rust reference
What is a Package Manager?
https://nesbitt.io/2025/12/02/what-is-a-package-manager.html · 2 Dec 2025
What is a package manager? Perhaps quite a few more components than you might think
package-managers reference
PromptVer
https://nesbitt.io/2025/12/01/promptver.html · 1 Dec 2025
A semver-compatible versioning scheme for the age of LLMs.
versioning ai semver package-managers satire
Documenting Package Manager Data
https://nesbitt.io/2025/11/30/documenting-package-manager-data.html · 30 Nov 2025
Six repositories documenting how package managers work: commands, manifests, APIs, hooks, and more.
package-managers ecosyste.ms reference
Revisiting Gitballs
https://nesbitt.io/2025/11/28/revisiting-gitballs.html · 28 Nov 2025
Nine years ago I experimented with storing package tarballs as git objects. A visit to Software Heritage got me thinking about it again.
package-managers git software heritage tools
Package Manager Timeline
https://nesbitt.io/2025/11/15/package-manager-timeline.html · 15 Nov 2025
A chronological timeline of package manager releases, major milestones, and significant events in the history of software dependency management.
package-managers history dependencies reference
111362 verified documents in index