JSJ 357: Event-Stream & Package Vulnerabilities with Richard Feldman and Hillel Wayne
JavaScript Jabber, 26 March 2019


Panel
  • Aaron Frost
  • AJ O’Neal
  • Chris Ferdinandi
  • Joe Eames
  • Aimee Knight
  • Charles Max Wood
Joined by special guests: Hillel Wayne and Richard Feldman

Episode Summary

In this episode of JavaScript Jabber, Hillel Wayne kicks off the podcast by giving a short background about his work and briefly explains the concepts of formal methods and the popular npm package event-stream. The panelists then dive into the recent event-stream attack and discuss it at length, focusing on different package managers and their vulnerabilities, as well as the security issues associated with them. They debate whether paying open source developers for their work, thereby leading to an increase in contribution, would eventually help improve security. Finally, they talk about what can be done to fix certain dependencies and susceptibilities to prevent further attacks, and whether there are any solutions that can make things both convenient and secure for users.


