Gonçalo Valério

Be careful with the dependencies you include in your project. Examples like this:

blog.npmjs.org/post/1735268075

keep showing up. Using an automated tool to continuously check them might be a good strategy (an old post of mine listing some examples: blog.ovalerio.net/archives/129).

@dethos Or far more common, libraries with security holes you can drive a truck through, like squel's (still not fixed afaik) failure to properly quote apostrophes under certain circumstances.
