From Composer to Decomposer: When Dependencies Go Rogue

By Christopher Miller

September 2025 has been a wake-up call for anyone who thought supply chain attacks were theoretical problems. In just one week, two devastating attacks hit the Node.js ecosystem, compromising packages with over 2 billion weekly downloads and demonstrating just how vulnerable our modern development practices have become.

This article was originally published in the October 2025 issue of PHP Architect magazine. To read the complete article please subscribe or purchase the complete issue.
