JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne
JavaScript Jabber26 Mar 2019

JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne

SponsorsPanel
  • Aaron Frost
  • AJ O’Neal
  • Chris Ferdinandi
  • Joe Eames
  • Aimee Knight
  • Charles Max Wood
Joined by special guests: Hillel Wayne and Richard FeldmanEpisode SummaryIn this episode of JavaScript Jabber, Hillel Wayne kicks off the podcast by giving a short background about his work, explains the concepts of formal methods and the popular npm package - event-stream, in brief. The panelists then dive into the recent event-stream attack and discuss it at length, focusing on different package managers and their vulnerabilities, as well as the security issues associated with them. They debate on whether paying open source developers for their work, thereby leading to an increase in contribution, would eventually help in improving security or not. They finally talk about what can be done to fix certain dependencies and susceptibilities to prevent further attacks and if there are any solutions that can make things both convenient and secure for users.LinksPicksJoe Eames:Aimee Knight:Aaron Frost:Chris Ferdinandi:Charles Max Wood:Richard Feldman:Hillel Wayne:Special Guests: Hillel Wayne and Richard Feldman.

Support this podcast at — https://redcircle.com/javascript-jabber/donations

Privacy & Opt-Out: https://redcircle.com/privacy

Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.

Episoder(738)

Next-Level Web Performance with Patrick Meenan - JSJ 608

Next-Level Web Performance with Patrick Meenan - JSJ 608

Patrick Meenan works at Google Chrome. They explore the latest techniques in web performance and optimization. They dive deep into the world of asset compression and delivery optimization. They also ...

21 Nov 20231h 13min

RPC Resurgence: From Client-Server Applications to Next.js and Meta Frameworks - JSJ 607

RPC Resurgence: From Client-Server Applications to Next.js and Meta Frameworks - JSJ 607

AJ, Chuck, and Dan join this week's panelist episode. They dive into the resurgence of RPC (Remote Procedure Call) in JavaScript frameworks and the potential benefits and drawbacks of combining front-...

14 Nov 20231h 39min

Mastering ORM with TypeScript - JSJ 606

Mastering ORM with TypeScript - JSJ 606

Lars-Erik Roald is a software developer at Systor. He shares his insights and experiences in creating ORM and the evolution of the technology. They dive into the world of ORMs, TypeScript, and a varie...

7 Nov 202357min

TypeScript, ESLint, and TypeScript ESLint with Josh Goldberg - JSJ 605

TypeScript, ESLint, and TypeScript ESLint with Josh Goldberg - JSJ 605

Josh Goldberg is a full-time open-source developer. He begins by sharing his developer experience and what he is currently working on. He joins the show to talk about "TypeScript, ESLint, and TypeScri...

31 Okt 20231h 17min

What has Changed with htmx 2.0 with Carson Gross - JSJ 604

What has Changed with htmx 2.0 with Carson Gross - JSJ 604

Carson Gross returns to the show to talk about htmx 2.0. He begins by explaining what's new with htmx, its interesting features, the services it offers to its users, misconceptions about it, and many ...

24 Okt 20231h 21min

Harnessing Module Federation and Micro Front-Ends in JavaScript Development - JSJ 603

Harnessing Module Federation and Micro Front-Ends in JavaScript Development - JSJ 603

Vitor Alencar is a technical lead, speaker, and creator. He joins the show to talk about module federation, its benefits, and how it works. Additionally, they dive into an insightful discussion on mic...

17 Okt 202357min

View Transitions API with Noam Rosenthal - JSJ 602

View Transitions API with Noam Rosenthal - JSJ 602

Noam Rosenthal is a Web platform engineer. They dive into the importance of standards in API behavior for browsers. Noam shares insights on the need for consistency in implementing standards across di...

10 Okt 20231h 26min

Accessibility in Component Libraries with Maya Shavin - JSJ 601

Accessibility in Component Libraries with Maya Shavin - JSJ 601

Maya Shavin is a Senior Software Engineer at Microsoft. She joins the show to talk about accessibility in component libraries for developers. They talk about choosing component libraries when creating...

3 Okt 20231h 16min

Populært innen Business og økonomi

stopp-verden
lydartikler-fra-aftenposten
dine-penger-pengeradet
rss-penger-polser-og-politikk
e24-podden
rss-borsmorgen-okonominyhetene
livet-pa-veien-med-jan-erik-larssen
finansredaksjonen
utbytte
pengepodden-2
pengesnakk
tid-er-penger-en-podcast-med-peter-warren
rss-sunn-okonomi
morgenkaffen-med-finansavisen
lederpodden
lederskap-nhhs-podkast-om-ledelse
rss-politisk-preik
rss-investering-gjort-enkelt
rss-markedspuls-2
rss-andelige-tanker-med-camillo