))
Outdated JavaScript tooling, vulnerabilities and security
Manage episode 311855978 series 3193665
Nội dung được cung cấp bởi Maria Campbell. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Maria Campbell hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
I have spoken or written about this topic before, but feel the need to re-address it.
Node Security/npm audit appeared for the first time in my Terminal window in March of last year (2018). I had read that it was a new feature in npm created by Node Security, and was excited about the prospect of knowing more about what was going on under the hood with my npm packages and how that all boded for Web/Software Development and Individual Machine(s) Security. Previously, many of us were under the false impression that everything in our code, in our workflows using third party plugins and packages passed muster.
Correction to podcast (also added to transcript on interglobalmedianetwork.com website):
If, when you clone or download something from a repository, and then run npm i (assuming there is a package.json present), and there is a message (correction: npmjs and not Node Security) stating that it has detected vulnerabilities in your package(s), follow their instructions to run npm audit.
To view the transcript/post of this podcast, please visit Outdated JavaScript tooling, vulnerabilities and security on interglobalmedianetwork.com.
--- Send in a voice message: https://podcasters.spotify.com/pod/show/maria-campbell/message Support this podcast: https://podcasters.spotify.com/pod/show/maria-campbell/support59 tập
Chia sẻ
