Skip to content

Details

In Hungarian again -- the last one before we invoke the authors themselves next year. The last 3/3 episode of self-experimenting around the issue of evil deps isolation in JS, with the current subjects: Secure ECMAScript (Hardened JS) -- a working solution, not a standard yet. ShadowRealm API -- a standard, not so secure though. LavaMoat -- "tools for sandboxing your dependency graph".

Appetizers:
https://www.youtube.com/watch?v=RZ7bBIU8DRc
https://github.com/endojs/endo/blob/master/packages/ses/docs/secure-coding-guide.md
https://www.youtube.com/watch?v=iaqe6F4S2tA
https://github.com/tc39/proposal-shadowrealm/issues/277#issuecomment-708705066

"Slides" from the previous intro sessions regarding the isolation problem:
https://timurxyz.notion.site/Happy-running-alongside-evil-deps-basics-isolation-hu-js-episode-0-45894999a23243f283ab627d9326d7b5

Élő mozi és panel: https://t.me/owasphu [Telegram]
YT-on rebroadcast: yt/@owasphu
DEC29, csütörtök este hétkor
30+ min beszéd és kód mutogatás by @timurx (a panel kritizál), majd kedv szerint vita.

>>>
Midjourney generated art

Related topics

Software Security
JavaScript

Sponsors

Avatao

Avatao

Avatao made a huge donation to the chapter in 2018.

Qualys

Qualys

-

defdev.eu

defdev.eu

Training ticket discounts. Infrastructure of the meetups.

Hack és Lángos

Hack és Lángos

Promotes the events for its large audience.

You may also like