https://semgrep.dev/blog/2025/block-malicious-dependencies-with-semgrep-supply-chain/
Protect Against Open Source Malware Attacks with Semgrep Supply Chain | Semgrep
Malicious dependency detection is now generally available for Semgrep Supply Chain customers. Practitioners can configure policies to automatically block these...
semgrep supply chain, open source, protect, malware, attacks
https://semgrep.dev/products/semgrep-supply-chain/
Semgrep Supply Chain | Protect Dependencies with Software Composition Analysis (SCA) | Semgrep
Semgrep's Software Composition Analysis (SCA) helps developers prioritize reachable vulnerabilities when scanning source-code dependencies.
semgrep supply chain, software composition analysis, protect, dependencies, sca