PODCAST PODCAST

DEC
27
2018

JavaScript and NPM

A discussion on the implications of blindly using NPM
Recorded on Tuesday, November 27, 2018
Download MP3

Synopsis

  • The nature of NPM
  • The problem with EventStream
  • How do we guard against malicious packages?
  • Is this a problem with Nuget too?
  • Does open source help?
  • What is a project owner's responsibility when handing off a package?
  • Why JavaScript makes this a hard problem
  • Plugging analyzers into the build pipeline
  • Being proactive vs. being reactive
  • Architecting to minimize exposure
  • The StackOverflow effect
  • When implicit trust is based into the learning path
  • The organization's responsibilities
© 2015 Western Devs. All Rights Reserved. Design by Karen Chudobiak, Graphic Designer