Bypassing Socket Firewall using .swf.config
Because software supply chain security is a giant tire fire Socket recently introduced Socket Firewall (sfw), self described as “a free tool that blocks malicious packages at install time, giving developers proactive protection against rising supply chain attacks.” The tool works as “a lightweight tool that protects developer machines in real time, blocking malicious dependencies before they ever reach your laptop or build system.” (Source)
Read More