evertheylen.eu

Should we start shaming developers who don't use isolation? (opens in new tab)

Covers 3 stories See all stories this covers including NX compromised: supply chain attack via IDE extension, againDiscussed on Hacker News

Intro It seems we are seeing supply-chain attacks every other day now. There are two main reasons for this:\nProjects have too many dependencies. JS projects can easily reach 1000+ transitive dependencies. Projects usually run without any isolation from the rest of the developer’s computer, allowing any attack to easily propagate. Much has been written about the former. It may require the industry to adopt a different mindset, which is always hard. Instead, I want to talk about the latter, wh...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help